[Secure-testing-commits] r36535 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon Sep 7 21:10:11 UTC 2015
Author: sectracker
Date: 2015-09-07 21:10:11 +0000 (Mon, 07 Sep 2015)
New Revision: 36535
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-07 20:45:35 UTC (rev 36534)
+++ data/CVE/list 2015-09-07 21:10:11 UTC (rev 36535)
@@ -3155,14 +3155,14 @@
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7731
CVE-2015-5590 [Buffer overflow and stack smashing error in phar_fix_filepath]
RESERVED
- {DSA-3344-1}
+ {DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69923
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=6dedeb40db13971af45276f80b5375030aa7e76f
NOTE: Fixed in 5.6.11, 5.4.43
CVE-2015-5589 [Segfault in Phar::convertToData on invalid file]
RESERVED
- {DSA-3344-1}
+ {DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69958
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=bf58162ddf970f63502837f366930e44d6a992cf
@@ -5449,7 +5449,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
CVE-2015-4643 [Improved fix for bug #69545 (Integer overflow in ftp_genlist() resulting in heap overflow)]
RESERVED
- {DSA-3344-1}
+ {DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: Fixed in 5.6.10 / 5.5.26 / 5.4.42
NOTE: https://bugs.php.net/bug.php?id=69545#1431550655
@@ -5457,7 +5457,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
CVE-2015-4644 [Fixed bug #69667 (segfault in php_pgsql_meta_data)]
RESERVED
- {DSA-3344-1}
+ {DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: Fixed in 5.6.10 / 5.5.26 / 5.4.42
NOTE: https://bugs.php.net/bug.php?id=69667
@@ -5885,6 +5885,7 @@
NOTE: https://bugs.php.net/bug.php?id=69152 [2015-03-03 04:30 UTC]
CVE-2015-4602
RESERVED
+ {DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
@@ -5892,6 +5893,7 @@
NOTE: https://bugs.php.net/bug.php?id=69152
CVE-2015-4601
RESERVED
+ {DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
@@ -5899,6 +5901,7 @@
NOTE: https://bugs.php.net/bug.php?id=69152
CVE-2015-4600
RESERVED
+ {DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
@@ -5906,6 +5909,7 @@
NOTE: https://bugs.php.net/bug.php?id=69152
CVE-2015-4599 [Type confusion vulnerability in exception::getTraceAsString]
RESERVED
+ {DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
@@ -5913,7 +5917,7 @@
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=51856a76f87ecb24fe1385342be43610fb6c86e4
CVE-2015-4598 [Incorrect handling of paths with NULs]
RESERVED
- {DSA-3344-1}
+ {DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69719
NOTE: Fixed in 5.6.10 and 5.4.42 upstream
@@ -7212,12 +7216,12 @@
CVE-2014-9719
RESERVED
CVE-2015-4026 (The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before ...)
- {DSA-3280-1}
+ {DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68598
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
CVE-2015-4025 (PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 ...)
- {DSA-3280-1}
+ {DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69418
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
@@ -7230,13 +7234,13 @@
- hhvm <unfixed>
NOTE: HHVM fix: https://github.com/facebook/hhvm/commit/6188457bd90ed2f3516e778dca8e91536d91802e
CVE-2015-4022 (Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP ...)
- {DSA-3280-1}
+ {DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69545
NOTE: http://www.openwall.com/lists/oss-security/2015/05/18/2
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
CVE-2015-4021 (The phar_parse_tarfile function in ext/phar/tar.c in PHP before ...)
- {DSA-3280-1}
+ {DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69453
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c27f012b7a447e59d4a704688971cbfa7dddaa74
@@ -8715,6 +8719,7 @@
NOTE: https://github.com/facebook/hhvm/commit/02a7a8f086c9181002fca0f0d9cef42963fdf46a
CVE-2015-3412
RESERVED
+ {DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
@@ -8723,6 +8728,7 @@
NOTE: https://bugs.php.net/bug.php?id=69353
CVE-2015-3411
RESERVED
+ {DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
@@ -8984,6 +8990,7 @@
NOTE: http://xenbits.xen.org/xsa/advisory-132.html
CVE-2015-4605 [denial of service when processing a crafted file with Fileinfo -- 2015-02-09 17:10 UTC]
RESERVED
+ {DLA-307-1}
- php5 5.6.9+dfsg-1 (bug #783099)
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
@@ -8992,6 +8999,7 @@
NOTE: https://bugs.php.net/bug.php?id=68819
CVE-2015-4604 [denial of service when processing a crafted file with Fileinfo -- 2015-02-05 13:53 UTC]
RESERVED
+ {DLA-307-1}
- php5 5.6.9+dfsg-1 (bug #783099)
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
@@ -9069,7 +9077,7 @@
CVE-2015-3311
RESERVED
CVE-2015-3307 (The phar_parse_metadata function in ext/phar/phar.c in PHP before ...)
- {DSA-3280-1}
+ {DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69443
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=17cbd0b5b78a7500f185b3781a2149881bfff8ae
@@ -12038,11 +12046,13 @@
- libdbd-firebird-perl 1.18-2 (bug #780925)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/30/4
CVE-2015-4148 (The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, ...)
+ {DLA-307-1}
- php5 5.6.7+dfsg-1
[wheezy] - php5 5.4.39-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69085
NOTE: http://www.openwall.com/lists/oss-security/2015/03/20/14
CVE-2015-4147 (The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, ...)
+ {DLA-307-1}
- php5 5.6.7+dfsg-1
[wheezy] - php5 5.4.39-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69085
More information about the Secure-testing-commits
mailing list