[Secure-testing-commits] r34369 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed May 20 14:18:18 UTC 2015
Author: carnil
Date: 2015-05-20 14:18:18 +0000 (Wed, 20 May 2015)
New Revision: 34369
Modified:
data/CVE/list
Log:
Add CVE-2015-4025 and CVE-2015-4026 in php5
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-20 14:15:24 UTC (rev 34368)
+++ data/CVE/list 2015-05-20 14:18:18 UTC (rev 34369)
@@ -1,10 +1,6 @@
CVE-2015-XXXX [denial-of-service]
- ipsec-tools <unfixed> (bug #785778)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/20/1
-CVE-2015-4026
- RESERVED
-CVE-2015-4025
- RESERVED
CVE-2015-4023
RESERVED
CVE-2015-4020
@@ -89,12 +85,14 @@
TODO: check
CVE-2014-9719
RESERVED
-CVE-2015-XXXX [various functions allow \0 in paths where they shouldn't]
+CVE-2015-4026 [pcntl_exec() should not allow null char]
- php5 <unfixed>
- NOTE: https://bugs.php.net/bug.php?id=69418
NOTE: https://bugs.php.net/bug.php?id=68598
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/18/2
TODO: check
+CVE-2015-4025 [CVE-2006-7243 fix regressions in 5.4+]
+ - php5 <unfixed>
+ NOTE: https://bugs.php.net/bug.php?id=69418
+ TODO: check
CVE-2015-4024 [DoS possibility due to ineffective parsing of form data]
- php5 <unfixed>
NOTE: https://bugs.php.net/bug.php?id=69364
More information about the Secure-testing-commits
mailing list