[Secure-testing-commits] r40841 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Apr 9 18:09:47 UTC 2016
Author: carnil
Date: 2016-04-09 18:09:47 +0000 (Sat, 09 Apr 2016)
New Revision: 40841
Modified:
data/CVE/list
Log:
Add three more items for php
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-09 18:04:13 UTC (rev 40840)
+++ data/CVE/list 2016-04-09 18:09:47 UTC (rev 40841)
@@ -1,3 +1,21 @@
+CVE-2016-XXXX [Integer overflow in php_raw_url_encode]
+ - php7.0 7.0.5-1
+ - php5 <unfixed>
+ NOTE: Fixed in 7.0.5, 5.6.20, 5.5.34
+ NOTE: https://bugs.php.net/bug.php?id=71798
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=95433e8e339dbb6b5d5541473c1661db6ba2c451
+CVE-2016-XXXX [Format string vulnerability in php_snmp_error()]
+ - php7.0 7.0.5-1
+ - php5 <unfixed>
+ NOTE: Fixed in 7.0.5, 5.6.20, 5.5.34
+ NOTE: https://bugs.php.net/bug.php?id=71704
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=6e25966544fb1d2f3d7596e060ce9c9269bbdcf8
+CVE-2016-XXXX [Invalid memory write in phar on filename containing \0 inside name]
+ - php7.0 7.0.5-1
+ - php5 <unfixed>
+ NOTE: Fixed in 7.0.5, 5.6.20, 5.5.34
+ NOTE: https://bugs.php.net/bug.php?id=71860
+ NOTE: https://gist.github.com/smalyshev/80b5c2909832872f2ba2
CVE-2016-XXXX [Negative size parameter in memcpy]
- php7.0 7.0.5-1
- php5 <unfixed>
More information about the Secure-testing-commits
mailing list