[Secure-testing-commits] r41099 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Apr 24 05:11:42 UTC 2016
Author: carnil
Date: 2016-04-24 05:11:42 +0000 (Sun, 24 Apr 2016)
New Revision: 41099
Modified:
data/CVE/list
Log:
CVE-2015-8865/{php,file} assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-24 05:09:37 UTC (rev 41098)
+++ data/CVE/list 2016-04-24 05:11:42 UTC (rev 41099)
@@ -580,14 +580,16 @@
- tiff <unfixed>
- tiff3 <removed>
TODO: check
-CVE-2016-XXXX [Buffer over-write in finfo_open with malformed magic file]
+CVE-2015-8865 [Buffer over-write in finfo_open with malformed magic file]
- php7.0 7.0.5-1
- php5 5.6.20+dfsg-1
- file 1:5.24-1
NOTE: http://bugs.gw.com/view.php?id=522
+ NOTE: https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36
NOTE: https://bugs.php.net/bug.php?id=71527
+ NOTE: http://git.php.net/?p=php-src.git;a=commit;h=fe13566c93f118a15a96320a546c7878fd0cfc5e
NOTE: PHP fixed in 7.0.5, 5.6.20, 5.5.34
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/04/11/7
+ NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
TODO: recheck versions
CVE-2016-3993 [off-by-one OOB read in __imlib_MergeUpdate]
RESERVED
More information about the Secure-testing-commits
mailing list