[Secure-testing-commits] r39661 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Feb 14 07:36:19 UTC 2016


Author: carnil
Date: 2016-02-14 07:36:19 +0000 (Sun, 14 Feb 2016)
New Revision: 39661

Modified:
   data/CVE/list
Log:
Add some new php issues

Note: the list is not complete and some might be removed again due to no
security impact (e.g. round() segfault on 64-bit builds).

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-02-14 07:17:58 UTC (rev 39660)
+++ data/CVE/list	2016-02-14 07:36:19 UTC (rev 39661)
@@ -1,3 +1,59 @@
+CVE-2016-XXXX [exec functions ignore length but look for NULL termination]
+	- php5 <unfixed>
+	- php5.6 5.6.18+dfsg-1
+	- php7.0 7.0.3-1
+	NOTE: https://bugs.php.net/bug.php?id=71039
+	NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
+CVE-2016-XXXX [No check to duplicate zend_extension]
+	- php5 <unfixed>
+	- php5.6 5.6.18+dfsg-1
+	- php7.0 7.0.3-1
+	NOTE: https://bugs.php.net/bug.php?id=71089
+	NOTE: Fixed in 5.6.18, 7.0.3
+CVE-2016-XXXX [round() segfault on 64-bit builds]
+	- php5 <unfixed>
+	- php5.6 5.6.18+dfsg-1
+	- php7.0 7.0.3-1
+	NOTE: https://bugs.php.net/bug.php?id=71201
+	NOTE: Fixed in 5.6.18, 7.0.3
+	NOTE: can be possibly considered a plain bug not a security issue
+CVE-2016-XXXX [Output of stream_get_meta_data can be falsified by its input]
+	- php5 <unfixed>
+	- php5.6 5.6.18+dfsg-1
+	- php7.0 7.0.3-1
+	NOTE: https://bugs.php.net/bug.php?id=71323
+	NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
+CVE-2016-XXXX [Integer overflow in iptcembed()]
+	- php5 <unfixed>
+	- php5.6 5.6.18+dfsg-1
+	- php7.0 7.0.3-1
+	NOTE: https://bugs.php.net/bug.php?id=71459
+	NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
+CVE-2016-XXXX [Heap corruption in tar/zip/phar parser]
+	- php5 <unfixed>
+	- php5.6 5.6.18+dfsg-1
+	- php7.0 7.0.3-1
+	NOTE: https://bugs.php.net/bug.php?id=71354
+	NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
+CVE-2016-XXXX [NULL Pointer Dereference in phar_tar_setupmetadata()]
+	- php5 <unfixed>
+	- php5.6 5.6.18+dfsg-1
+	- php7.0 7.0.3-1
+	NOTE: https://bugs.php.net/bug.php?id=71391
+	NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
+CVE-2016-XXXX [Stack overflow when decompressing tar archives]
+	- php5 <unfixed>
+	- php5.6 5.6.18+dfsg-1
+	- php7.0 7.0.3-1
+	NOTE: https://bugs.php.net/bug.php?id=71488
+	NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
+CVE-2016-XXXX [Crash in SessionHandler::read()]
+	- php5 <unfixed>
+	- php5.6 5.6.18+dfsg-1
+	- php7.0 <undetermined>
+	NOTE: https://bugs.php.net/bug.php?id=69111
+	NOTE: Fixed in 5.6.18
+	TODO: check
 CVE-2016-XXXX [Type confusion vulnerability in WDDX packet deserialization]
 	- php5 <unfixed>
 	- php5.6 5.6.18+dfsg-1
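Review bot: the round() entry (bug 71201) records its doubt only as a free-text NOTE ("can be possibly considered a plain bug not a security issue"), while the SessionHandler::read() entry further down flags its open question with "TODO: check". Adding the same "TODO: check" line to the round() entry would keep it visible for re-triage, which matters because the log message says some of these may be removed again. Separately, the entries for bugs 71089 and 71201 give "Fixed in 5.6.18, 7.0.3" while most of the other new entries also list 5.5.32. If 5.5 is not affected by those two, a short NOTE saying so would make clear the omission is deliberate rather than an oversight.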



