[Secure-testing-commits] r40756 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-04-04 13:57:58 +0000 (Mon, 04 Apr 2016)
New Revision: 40756

Modified:
   data/CVE/list
Log:
Add temporary entry for file/php issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-04-04 12:53:18 UTC (rev 40755)
+++ data/CVE/list	2016-04-04 13:57:58 UTC (rev 40756)
@@ -1,3 +1,11 @@
+CVE-2016-XXXX [Buffer over-write in finfo_open with malformed magic file]
+	- php7.0 7.0.5-1
+	- php5 <unfixed>
+	- file 1:5.24-1
+	NOTE: http://bugs.gw.com/view.php?id=522
+	NOTE: https://bugs.php.net/bug.php?id=71527
+	NOTE: PHP fixed in 7.0.5, 5.6.20, 5.5.34
+	TODO: recheck versions
 CVE-2016-XXXX [off-by-one OOB read in __imlib_MergeUpdate]
 	- imlib2 <unfixed> (bug #819818)
 	[jessie] - imlib2 <no-dsa> (Minor issue)