[Secure-testing-commits] r38926 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Jan 14 22:09:55 UTC 2016


Author: carnil
Date: 2016-01-14 22:09:55 +0000 (Thu, 14 Jan 2016)
New Revision: 38926

Modified:
   data/CVE/list
Log:
Add CVE-2016-1904/php

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-14 22:08:29 UTC (rev 38925)
+++ data/CVE/list	2016-01-14 22:09:55 UTC (rev 38926)
@@ -1,3 +1,10 @@
+CVE-2016-1904 [Heap BufferOver Flow in escapeshell functions]
+	- php5 <undetermined>
+	- php5.6 <undetermined>
+	- php7.0 7.0.2-1
+	NOTE: https://bugs.php.net/bug.php?id=71270
+	NOTE: https://github.com/php/php-src/commit/2871c70efaaaa0f102557a17c727fd4d5204dd4b
+	TODO: check
 CVE-2016-1903 [Memory Read via gdImageRotateInterpolated Array Index Out of Bounds]
 	- php5 5.6.17+dfsg-1
 	- php5.6 5.6.17+dfsg-1




More information about the Secure-testing-commits mailing list