[Secure-testing-commits] r43362 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jul 22 04:53:33 UTC 2016
Author: carnil
Date: 2016-07-22 04:53:33 +0000 (Fri, 22 Jul 2016)
New Revision: 43362
Modified:
data/CVE/list
Log:
Add more information for CVE-2016-5207
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-22 04:44:11 UTC (rev 43361)
+++ data/CVE/list 2016-07-22 04:53:33 UTC (rev 43362)
@@ -402,6 +402,11 @@
NOTE: https://github.com/libgd/libgd/commit/ff9113c80a32205d45205d3ea30965b25480e0fb
NOTE: https://github.com/libgd/libgd/commit/f60ec7a546499f9446063a4dbe755be9523d8232
NOTE: https://github.com/libgd/libgd/commit/7a28c235890c95e6010e7b0d0f7c7369367168ef
+ - php7.0 <unfixed> (unimportant)
+ - php5 <unfixed> (unimportant)
+ NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
+ NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72558
+ NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
CVE-2016-6209 [Reflected XSS vulnerability and possible phishing vector]
RESERVED
- nagios3 <unfixed> (bug #831698)
More information about the Secure-testing-commits
mailing list