[Secure-testing-commits] r44084 - data/CVE

Sun Aug 21 14:30:54 UTC 2016

Author: carnil
Date: 2016-08-21 14:30:54 +0000 (Sun, 21 Aug 2016)
New Revision: 44084

Modified:
   data/CVE/list
Log:
Add bug reference for hhvm, #835032

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-08-21 14:26:00 UTC (rev 44083)
+++ data/CVE/list	2016-08-21 14:30:54 UTC (rev 44084)
@@ -98,27 +98,27 @@
 	NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=47882fa4975bf0b58dd74474329fdd7154e8f04c
 CVE-2016-6875 [Fix infinite recursion in wddx]
 	RESERVED
-	- hhvm <unfixed>
+	- hhvm <unfixed> (bug #835032)
 	NOTE: https://github.com/facebook/hhvm/commit/1888810e77b446a79a7674784d5f139fcfa605e2
 CVE-2016-6874 [Fix recursion checks in array_*_recursive]
 	RESERVED
-	- hhvm <unfixed>
+	- hhvm <unfixed> (bug #835032)
 	NOTE: https://github.com/facebook/hhvm/commit/05e706d98f748f609b19d8697e490eaab5007d69
 CVE-2016-6873 [Fix self recursion in compact]
 	RESERVED
-	- hhvm <unfixed>
+	- hhvm <unfixed> (bug #835032)
 	NOTE: https://github.com/facebook/hhvm/commit/e264f04ae825a5d97758130cf8eec99862517e7e
 CVE-2016-6872 [Fix integer overflow in StringUtil::implode]
 	RESERVED
-	- hhvm <unfixed>
+	- hhvm <unfixed> (bug #835032)
 	NOTE: https://github.com/facebook/hhvm/commit/2c9a8fcc73a151608634d3e712973d192027c271
 CVE-2016-6871 [Fix buffer overrun due to integer overflow in bcmath]
 	RESERVED
-	- hhvm <unfixed>
+	- hhvm <unfixed> (bug #835032)
 	NOTE: https://github.com/facebook/hhvm/commit/c00fc9d3003eb06226b58b6a48555f1456ee2475
 CVE-2016-6870 [incorrect use of strndup]
 	RESERVED
-	- hhvm <unfixed>
+	- hhvm <unfixed> (bug #835032)
 	NOTE: https://github.com/facebook/hhvm/commit/365abe807cab2d60dc9ec307292a06181f77a9c2
 CVE-2016-6866
 	RESERVED
@@ -7887,7 +7887,7 @@
 	{DSA-3602-1 DLA-499-1}
 	- php7.0 7.0.6-1
 	- php5 5.6.21+dfsg-1
-	- hhvm <unfixed>
+	- hhvm <unfixed> (bug #835032)
 	NOTE: https://bugs.php.net/bug.php?id=72099
 	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=dccda88f27a084bcbbb30198ace12b4e7ae961cc
 	NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
@@ -9427,7 +9427,7 @@
 	{DSA-3560-1 DLA-499-1}
 	- php7.0 7.0.5-1
 	- php5 5.6.20+dfsg-1
-	- hhvm <unfixed>
+	- hhvm <unfixed> (bug #835032)
 	NOTE: Fixed in 7.0.5, 5.6.20, 5.5.34
 	NOTE: https://bugs.php.net/bug.php?id=71798
 	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=95433e8e339dbb6b5d5541473c1661db6ba2c451
@@ -9584,7 +9584,7 @@
 	- php5 5.6.20+dfsg-1
 	- file 1:5.24-1 (bug #827377)
 	[jessie] - file <no-dsa> (Minor issue, magic file needs to be under attacker control)
-	- hhvm <unfixed>
+	- hhvm <unfixed> (bug #835032)
 	NOTE: http://bugs.gw.com/view.php?id=522
 	NOTE: https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36
 	NOTE: https://bugs.php.net/bug.php?id=71527
@@ -16206,7 +16206,7 @@
 	[squeeze] - php5 <not-affected> (Vulnerable code not present, check in gdImageRotate() already available)
 	- php5.6 5.6.17+dfsg-1
 	- php7.0 7.0.2-1
-	- hhvm <unfixed>
+	- hhvm <unfixed> (bug #835032)
 	NOTE: https://bugs.php.net/bug.php?id=70976
 	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=4b8394dd78571826ac66a69dc240c623f31d78f8
 	NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/f91abcc3b156823688c54158fc4fa36d87570afe
@@ -40445,7 +40445,7 @@
 	{DSA-3215-1 DLA-189-1}
 	- libgd2 2.1.0-5
 	- php5 5.6.5+dfsg-1 (unimportant)
-	- hhvm <unfixed>
+	- hhvm <unfixed> (bug #835032)
 	NOTE: https://bugs.php.net/bug.php?id=68601
 	NOTE: Fix in libgd2: https://bitbucket.org/libgd/gd-libgd/commits/47eb44b2e90ca88a08dca9f9a1aa9041e9587f43
 	NOTE: Also related: https://bitbucket.org/libgd/gd-libgd/commits/81e9a993f2893d651d225646378e3fd1b7465467


