[Secure-testing-commits] r44046 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Aug 19 04:30:05 UTC 2016
Author: carnil
Date: 2016-08-19 04:30:04 +0000 (Fri, 19 Aug 2016)
New Revision: 44046
Modified:
data/CVE/list
Log:
Add new hhvm CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-08-18 21:10:12 UTC (rev 44045)
+++ data/CVE/list 2016-08-19 04:30:04 UTC (rev 44046)
@@ -1,3 +1,21 @@
+CVE-2016-6875 [Fix infinite recursion in wddx]
+ - hhvm <unfixed>
+ NOTE: https://github.com/facebook/hhvm/commit/1888810e77b446a79a7674784d5f139fcfa605e2
+CVE-2016-6874 [Fix recursion checks in array_*_recursive]
+ - hhvm <unfixed>
+ NOTE: https://github.com/facebook/hhvm/commit/05e706d98f748f609b19d8697e490eaab5007d69
+CVE-2016-6873 [Fix self recursion in compact]
+ - hhvm <unfixed>
+ NOTE: https://github.com/facebook/hhvm/commit/e264f04ae825a5d97758130cf8eec99862517e7e
+CVE-2016-6872 [Fix integer overflow in StringUtil::implode]
+ - hhvm <unfixed>
+ NOTE: https://github.com/facebook/hhvm/commit/2c9a8fcc73a151608634d3e712973d192027c271
+CVE-2016-6871 [Fix buffer overrun due to integer overflow in bcmath]
+ - hhvm <unfixed>
+ NOTE: https://github.com/facebook/hhvm/commit/c00fc9d3003eb06226b58b6a48555f1456ee2475
+CVE-2016-6870 [incorrect use of strndup]
+ - hhvm <unfixed>
+ NOTE: https://github.com/facebook/hhvm/commit/365abe807cab2d60dc9ec307292a06181f77a9c2
CVE-2016-6837 [XSS in view_all_bug_page.php]
- mantis <removed>
NOTE: https://mantisbt.org/bugs/view.php?id=21611
More information about the Secure-testing-commits
mailing list