[Secure-testing-commits] r43499 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-26 18:34:54 +0000 (Tue, 26 Jul 2016)
New Revision: 43499

Modified:
   data/CVE/list
Log:
php5 fixed in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-07-26 18:32:28 UTC (rev 43498)
+++ data/CVE/list	2016-07-26 18:34:54 UTC (rev 43499)
@@ -44,14 +44,14 @@
 CVE-2016-6297 [Stack-based buffer overflow vulnerability in php_stream_zip_opener]
 	RESERVED
 	- php7.0 7.0.9-1
-	- php5 <unfixed>
+	- php5 5.6.24+dfsg-1
 	NOTE: PHP Bug: https://bugs.php.net/72520
 	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=81406c0c1d45f75fcc7972ed974d2597abb0b9e9
 	NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
 CVE-2016-6296 [heap-buffer-overflow (write) simplestring_addn simplestring.c]
 	RESERVED
 	- php7.0 7.0.9-1
-	- php5 <unfixed>
+	- php5 5.6.24+dfsg-1
 	NOTE: PHP Bug: https://bugs.php.net/72606
 	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=e6c48213c22ed50b2b987b479fcc1ac709394caa
 	NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
@@ -59,14 +59,14 @@
 CVE-2016-6295 [Use After Free Vulnerability in SNMP with GC and unserialize()]
 	RESERVED
 	- php7.0 7.0.9-1
-	- php5 <unfixed>
+	- php5 5.6.24+dfsg-1
 	NOTE: PHP Bug: https://bugs.php.net/72479
 	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=cab1c3b3708eead315e033359d07049b23b147a3
 	NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
 CVE-2016-6294 [locale_accept_from_http out-of-bounds access]
 	RESERVED
 	- php7.0 7.0.9-1
-	- php5 <unfixed>
+	- php5 5.6.24+dfsg-1
 	NOTE: PHP Bug: https://bugs.php.net/72533
 	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4
 	NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
@@ -76,28 +76,28 @@
 CVE-2016-6292 [NULL Pointer Dereference in exif_process_user_comment]
 	RESERVED
 	- php7.0 7.0.9-1
-	- php5 <unfixed>
+	- php5 5.6.24+dfsg-1
 	NOTE: PHP Bug: https://bugs.php.net/72618
 	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=41131cd41d2fd2e0c2f332a27988df75659c42e4
 	NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
 CVE-2016-6291 [Out of bound read in exif_process_IFD_in_MAKERNOTE]
 	RESERVED
 	- php7.0 7.0.9-1
-	- php5 <unfixed>
+	- php5 5.6.24+dfsg-1
 	NOTE: PHP Bug: https://bugs.php.net/72603
 	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=eebcbd5de38a0f1c2876035402cb770e37476519
 	NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
 CVE-2016-6290 [Use After Free in unserialize() with Unexpected Session Deserialization]
 	RESERVED
 	- php7.0 7.0.9-1
-	- php5 <unfixed>
+	- php5 5.6.24+dfsg-1
 	NOTE: PHP Bug: https://bugs.php.net/72562
 	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=3798eb6fd5dddb211b01d41495072fd9858d4e32
 	NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
 CVE-2016-6289 [Stack-based buffer overflow vulnerability in virtual_file_ex]
 	RESERVED
 	- php7.0 7.0.9-1
-	- php5 <unfixed>
+	- php5 5.6.24+dfsg-1
 	NOTE: PHP Bug: https://bugs.php.net/72513
 	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=0218acb7e756a469099c4ccfb22bce6c2bd1ef87
 	NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
@@ -554,7 +554,7 @@
 	NOTE: https://github.com/libgd/libgd/commit/f60ec7a546499f9446063a4dbe755be9523d8232
 	NOTE: https://github.com/libgd/libgd/commit/7a28c235890c95e6010e7b0d0f7c7369367168ef
 	- php7.0 7.0.9-1 (unimportant)
-	- php5 <unfixed> (unimportant)
+	- php5 5.6.24+dfsg-1 (unimportant)
 	NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72558
 	NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
@@ -2770,7 +2770,7 @@
 CVE-2016-5399 [Improper error handling in bzread()]
 	RESERVED
 	- php7.0 7.0.9-1
-	- php5 <unfixed>
+	- php5 5.6.24+dfsg-1
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72613
 	NOTE: Partial fixes in 7.0.9, 5.6.24, 5.5.38
 	NOTE: CVE is assigned for the issue in PHP in adequate error handling in the
@@ -2828,7 +2828,7 @@
 	- golang <unfixed>
 CVE-2016-5385 (PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 ...)
 	- php7.0 7.0.9-1
-	- php5 <unfixed>
+	- php5 5.6.24+dfsg-1
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72573
 	NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
 CVE-2016-5384