[Secure-testing-commits] r47004 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 12 18:19:49 UTC 2016
Author: carnil
Date: 2016-12-12 18:19:49 +0000 (Mon, 12 Dec 2016)
New Revision: 47004
Modified:
data/CVE/list
Log:
CVE-2016-9936 assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-12 18:19:39 UTC (rev 47003)
+++ data/CVE/list 2016-12-12 18:19:49 UTC (rev 47004)
@@ -1,10 +1,9 @@
-CVE-2016-XXXX [Use After Free in PHP7 unserialize()]
+CVE-2016-9936 [Use After Free in PHP7 unserialize()]
- php7.0 7.0.14-1
- - php5 <unfixed>
NOTE: Fixed in PHP 7.0.14 and 7.1.0
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72978
NOTE: Fixed by: https://github.com/php/php-src/commit/b2af4e8868726a040234de113436c6e4f6372d17
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/12/12/2
+ NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2
CVE-2016-9935 [Invalid read when wddx decodes empty boolean element]
- php7.0 7.0.14-1
- php5 <unfixed>
More information about the Secure-testing-commits
mailing list