[Secure-testing-commits] r43427 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jul 24 18:04:16 UTC 2016
Author: carnil
Date: 2016-07-24 18:04:16 +0000 (Sun, 24 Jul 2016)
New Revision: 43427
Modified:
data/CVE/list
Log:
Add CVE-2016-6293 (icu) and CVE-2016-6294 (php.*)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-24 17:56:57 UTC (rev 43426)
+++ data/CVE/list 2016-07-24 18:04:16 UTC (rev 43427)
@@ -2,6 +2,14 @@
- tiff <unfixed>
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2573
+CVE-2016-6294 [locale_accept_from_http out-of-bounds access]
+ - php7.0 <unfixed>
+ - php5 <unfixed>
+ NOTE: PHP Bug: https://bugs.php.net/72533
+ NOTE: http://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4
+ NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
+CVE-2016-6293 [locale_accept_from_http out-of-bounds access]
+ - icu <unfixed>
CVE-2016-6292 [NULL Pointer Dereference in exif_process_user_comment]
- php7.0 <unfixed>
- php5 <unfixed>
More information about the Secure-testing-commits
mailing list