[Secure-testing-commits] r43633 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jul 30 04:44:16 UTC 2016
Author: carnil
Date: 2016-07-30 04:44:16 +0000 (Sat, 30 Jul 2016)
New Revision: 43633
Modified:
data/CVE/list
Log:
Add bug reference for CVE-2016-6296, #832959, mark as no-dsa for Jessie
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-30 00:46:49 UTC (rev 43632)
+++ data/CVE/list 2016-07-30 04:44:16 UTC (rev 43633)
@@ -529,7 +529,9 @@
NOTE: PHP Bug: https://bugs.php.net/72606
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=e6c48213c22ed50b2b987b479fcc1ac709394caa
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
- - xmlrpc-epi <unfixed>
+ - xmlrpc-epi <unfixed> (bug #832959)
+ [jessie] - xmlrpc-epi <no-dsa> (Can be fixed via point release, nothing depending on it in stable)
+ NOTE: In stretch/sid php7.0 is using the system library not the embedded one.
CVE-2016-6295 (ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x ...)
{DSA-3631-1}
- php7.0 7.0.9-1
More information about the Secure-testing-commits
mailing list