[Secure-testing-commits] r42291 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2016-06-03 15:04:37 +0000 (Fri, 03 Jun 2016)
New Revision: 42291

Modified:
   data/CVE/list
Log:
two imagemagick entries confirmed
php issue specific to php7


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-06-03 14:35:41 UTC (rev 42290)
+++ data/CVE/list	2016-06-03 15:04:37 UTC (rev 42291)
@@ -350,14 +350,12 @@
 	[wheezy] - imagemagick 8:6.7.7.10-5+deb7u4
 	NOTE: https://github.com/ImageMagick/ImageMagick/pull/34
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44
-	TODO: check versions
 CVE-2015-8897 [Out of bounds error in SpliceImage]
 	- imagemagick 8:6.8.9.9-7
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
 	[wheezy] - imagemagick 8:6.7.7.10-5+deb7u4
 	NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28466
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231
-	TODO: check versions
 CVE-2015-8896 [integer truncation issue]
 	{DLA-353-1}
 	- imagemagick 8:6.8.9.9-7 (bug #806441)
@@ -1052,8 +1050,6 @@
 	NOT-FOR-US: Citrix NetScaler Gateway
 CVE-2015-8880 (Double free vulnerability in the format printer in PHP 7.x before ...)
 	- php7.0 7.0.1-1
-	NOTE: Fixed in PHP 7.0.1
-	TODO: check, probably only PHP 7.x
 CVE-2015-8879 (The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 ...)
 	{DLA-499-1}
 	- php5 5.6.12+dfsg-1