[Secure-testing-commits] r41254 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Apr 28 08:36:58 UTC 2016
Author: carnil
Date: 2016-04-28 08:36:58 +0000 (Thu, 28 Apr 2016)
New Revision: 41254
Modified:
data/CVE/list
Log:
Add CVE-2016-3078/php7.0
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-28 06:10:35 UTC (rev 41253)
+++ data/CVE/list 2016-04-28 08:36:58 UTC (rev 41254)
@@ -2594,8 +2594,12 @@
NOT-FOR-US: Red Hat Satellite / Spacewalk / spacewalk-monitoring
CVE-2016-3079 (Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in ...)
NOT-FOR-US: Red Hat Satellite / Spacewalk
-CVE-2016-3078
+CVE-2016-3078 [integer overflow in ZipArchive::getFrom*]
RESERVED
+ - php7.0 <unfixed>
+ NOTE: http://www.openwall.com/lists/oss-security/2016/04/28/1
+ NOTE: Fixed in 7.0.6
+ TODO: check other php versions if affected
CVE-2016-3077
RESERVED
NOT-FOR-US: ovirt-engine
More information about the Secure-testing-commits
mailing list