[Secure-testing-commits] r43363 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jul 22 04:57:42 UTC 2016
Author: carnil
Date: 2016-07-22 04:57:42 +0000 (Fri, 22 Jul 2016)
New Revision: 43363
Modified:
data/CVE/list
Log:
Expand fixed versions for CVE-2016-5399
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-22 04:53:33 UTC (rev 43362)
+++ data/CVE/list 2016-07-22 04:57:42 UTC (rev 43363)
@@ -2605,7 +2605,7 @@
- php7.0 <unfixed>
- php5 <unfixed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72613
- NOTE: Partial fixes in 7.0.9, 5.5.38
+ NOTE: Partial fixes in 7.0.9, 5.6.24, 5.5.38
NOTE: CVE is assigned for the issue in PHP in adequate error handling in the
NOTE: bzread() function. Disputed by PHP upstream, which considers that the
NOTE: underlying bzip2 library is at fault.
More information about the Secure-testing-commits
mailing list