[Secure-testing-commits] r41261 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Apr 28 17:09:26 UTC 2016


Author: carnil
Date: 2016-04-28 17:09:25 +0000 (Thu, 28 Apr 2016)
New Revision: 41261

Modified:
   data/CVE/list
Log:
Add more CVEs for php

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-04-28 17:05:37 UTC (rev 41260)
+++ data/CVE/list	2016-04-28 17:09:25 UTC (rev 41261)
@@ -5077,6 +5077,22 @@
 	NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
 	- hhvm 3.12.1+dfsg-1
 	NOTE: https://github.com/facebook/hhvm/commit/eae73029336e4d577707cb8a0527f22cb8a4588a
+CVE-2016-4346 [Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes -- ext/standard/string.c]
+	- php7.0 <undetermined>
+	- php5 <undetermined>
+	NOTE: https://bugs.php.net/bug.php?id=71637
+CVE-2016-4345 [Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes -- ext/filter/sanitizing_filters.c]
+	- php7.0 <undetermined>
+	- php5 <undetermined>
+	NOTE: https://bugs.php.net/bug.php?id=71637
+CVE-2016-4344 [Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes -- ext/xml/xml.c]
+	- php7.0 <undetermined>
+	- php5 <undetermined>
+	NOTE: https://bugs.php.net/bug.php?id=71637
+CVE-2016-4343 [Uninitialized pointer in phar_make_dirstream()]
+	- php7.0 <undetermined>
+	- php5 <undetermined>
+	NOTE: https://bugs.php.net/bug.php?id=71331
 CVE-2016-4342 [Heap corruption in tar/zip/phar parser]
 	- php5 5.6.18+dfsg-1
 	[jessie] - php5 5.6.19+dfsg-0+deb8u1
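
Review bot: The four added entries (CVE-2016-4343 to CVE-2016-4346) leave both php7.0 and php5 at <undetermined> and have no "NOTE: Fixed in ..." line, while the surrounding context entries record fixed upstream versions and a Debian fixed version, so nothing here tells a later triager where to start. Consider adding a TODO or a fixed-in NOTE taken from bugs 71637 and 71331 once the upstream fix versions are confirmed. Separately, CVE-2016-4344, CVE-2016-4345 and CVE-2016-4346 share the same bracketed text "xml/filter_url/addcslashes" and the same bug id, differing only in the file after "--"; trimming each description to the one item that belongs to its file would make the three entries easier to tell apart when grepping the list.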



