[Secure-testing-commits] r36551 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2015-09-08 18:29:13 +0000 (Tue, 08 Sep 2015)
New Revision: 36551

Modified:
   data/CVE/list
Log:
CVE-2015-6834/php5 assigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-09-08 18:24:01 UTC (rev 36550)
+++ data/CVE/list	2015-09-08 18:29:13 UTC (rev 36551)
@@ -28,16 +28,6 @@
 	NOTE: https://bugs.php.net/bug.php?id=69782
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/07/5
 	NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-XXXX [yet another use-after-free vulnerability in unserialize() with SplDoublyLinkedL]
-	- php5 <unfixed>
-	NOTE: https://bugs.php.net/bug.php?id=70366
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/07/5
-	NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-XXXX [yet another use-after-free vulnerability in unserialize() with SplObjectStorage]
-	- php5 <unfixed>
-	NOTE: https://bugs.php.net/bug.php?id=70365
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/07/5
-	NOTE: Fixed in 5.5.45 and 5.6.13
 CVE-2015-XXXX [SOAP serialize_function_call() type confusion / RCE]
 	- php5 <unfixed>
 	NOTE: https://bugs.php.net/bug.php?id=70388
@@ -48,10 +38,12 @@
 	NOTE: https://bugs.php.net/bug.php?id=70219
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/07/5
 	NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-XXXX [Use After Free Vulnerability in unserialize()]
+CVE-2015-6834 [Vulnerability in unserialize(), discoverer taoguangchen at icloud.com]
 	- php5 <unfixed>
 	NOTE: https://bugs.php.net/bug.php?id=70172
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/07/5
+	NOTE: https://bugs.php.net/bug.php?id=70365
+	NOTE: https://bugs.php.net/bug.php?id=70366
+	NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
 	NOTE: Fixed in 5.5.45 and 5.6.13
 CVE-2015-XXXX [TOTP Replay Attack]
 	- ruby-devise-two-factor <unfixed>