[Secure-testing-commits] r42380 - in data: . CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Jun 7 14:35:55 UTC 2016 

Author: jmm
Date: 2016-06-07 14:35:55 +0000 (Tue, 07 Jun 2016)
New Revision: 42380

Modified:
   data/CVE/list
   data/dsa-needed.txt
Log:
new hhvm issues (related to PHP bugs)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-06-07 13:59:05 UTC (rev 42379)
+++ data/CVE/list	2016-06-07 14:35:55 UTC (rev 42380)
@@ -2471,10 +2471,12 @@
 	{DLA-499-1}
 	- php7.0 7.0.6-1
 	- php5 5.6.21+dfsg-1
+	- hhvm <unfixed>
 	NOTE: https://bugs.php.net/bug.php?id=72099
 	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=dccda88f27a084bcbbb30198ace12b4e7ae961cc
 	NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
 	NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
+	NOTE: HHVM fix: https://github.com/facebook/hhvm/commit/7290b3bbcaa1e10a8d807fab3242204e9ec3a015
 CVE-2016-4537 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, ...)
 	{DLA-499-1}
 	- php7.0 7.0.6-1
@@ -3945,10 +3947,12 @@
 	{DSA-3560-1 DLA-499-1}
 	- php7.0 7.0.5-1
 	- php5 5.6.20+dfsg-1
+	- hhvm <unfixed>
 	NOTE: Fixed in 7.0.5, 5.6.20, 5.5.34
 	NOTE: https://bugs.php.net/bug.php?id=71798
 	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=95433e8e339dbb6b5d5541473c1661db6ba2c451
 	NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
+	NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/ea6ff01f6c31f1615a935ef96622d623a6277d37
 CVE-2016-4071 (Format string vulnerability in the php_snmp_error function in ...)
 	{DSA-3560-1 DLA-499-1}
 	- php7.0 7.0.5-1
@@ -4095,6 +4099,7 @@
 	- php7.0 7.0.5-1
 	- php5 5.6.20+dfsg-1
 	- file 1:5.24-1
+	- hhvm <unfixed>
 	[jessie] - file <no-dsa> (Minor issue, magic file needs to be under attacker control)
 	NOTE: http://bugs.gw.com/view.php?id=522
 	NOTE: https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36
@@ -4102,6 +4107,7 @@
 	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=fe13566c93f118a15a96320a546c7878fd0cfc5e
 	NOTE: PHP fixed in 7.0.5, 5.6.20, 5.5.34
 	NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
+	NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/4e614ba041e24af8351afbb49c92444c0850f23b
 CVE-2016-3993 (Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c ...)
 	{DSA-3555-1}
 	- imlib2 1.4.8-1 (bug #819818)
@@ -6155,11 +6161,13 @@
 	- libgd2 2.1.1-4.1 (bug #822242)
 	- php5 5.6.21+dfsg-1 (unimportant)
 	- php7.0 7.0.6-1 (unimportant)
-	- hhvm <not-affected> (Implements additional sanity checks)
+	- hhvm <unfixed> (unimportant)
+	NOTE: HHVM implements additional sanity checks, not directly epxloitable
 	NOTE: PoC: https://github.com/dyntopia/exploits/tree/master/CVE-2016-3074
 	NOTE: Upstream fix: https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19
 	NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
 	NOTE: PHP bug: https://bugs.php.net/bug.php?id=71912
+	NOTE: HHVM fix: https://github.com/facebook/hhvm/commit/29a6487d648d1593e1e2fa615d9b3a844756ddc3
 	TODO: check (texlive, libwmf)
 CVE-2016-3073
 	RESERVED
@@ -8597,7 +8605,7 @@
 	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=54c210d2ea9b8539edcde1888b1104b96b38e886
 	NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
 	- hhvm 3.12.1+dfsg-1
-	NOTE: https://github.com/facebook/hhvm/commit/eae73029336e4d577707cb8a0527f22cb8a4588a
+	NOTE: https://github.com/facebook/hhvm/commit/381702ffbfdae170ba3fff97d6cc1b9c69666854
 CVE-2016-4348 (The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows ...)
 	{DSA-3584-1 DLA-477-1}
 	- librsvg 2.40.12-1
@@ -10435,8 +10443,10 @@
 	[squeeze] - php5 <not-affected> (Vulnerable code not present, check in gdImageRotate() already available)
 	- php5.6 5.6.17+dfsg-1
 	- php7.0 7.0.2-1
+	- hhvm <unfixed>
 	NOTE: https://bugs.php.net/bug.php?id=70976
 	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=4b8394dd78571826ac66a69dc240c623f31d78f8
+	NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/f91abcc3b156823688c54158fc4fa36d87570afe
 CVE-2016-1901 (Integer overflow in the authenticate_post function in CGit before 0.12 ...)
 	{DSA-3545-1}
 	- cgit 0.11.2.git2.3.2-1.1 (bug #812411)
@@ -34616,12 +34626,14 @@
 	{DSA-3215-1 DLA-189-1}
 	- libgd2 2.1.0-5
 	- php5 5.6.5+dfsg-1 (unimportant)
+	- hhvm <unfixed>
 	NOTE: https://bugs.php.net/bug.php?id=68601
 	NOTE: Fix in libgd2: https://bitbucket.org/libgd/gd-libgd/commits/47eb44b2e90ca88a08dca9f9a1aa9041e9587f43
 	NOTE: Also related: https://bitbucket.org/libgd/gd-libgd/commits/81e9a993f2893d651d225646378e3fd1b7465467
 	NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=07b5896a1389c3e865cbd2fb353806b2cefe4f5c
 	NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=5fc2fede9c7c963c950d8b96dcc0f7af88b4d695
 	NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd, the embedded copy was fixed upstream in 5.6.5
+	NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/469990b43c294692493f15f8400560fe5d966a02
 CVE-2009-5147
 	RESERVED
 	{DLA-300-1 DLA-299-1}

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2016-06-07 13:59:05 UTC (rev 42379)
+++ data/dsa-needed.txt	2016-06-07 14:35:55 UTC (rev 42380)
@@ -35,6 +35,9 @@
 --
 openjpeg2 (jmm)
 --
+openssl
+  wait for next openssl update round  
+--
 php5
 --
 phpmyadmin (thijs)

More information about the Secure-testing-commits mailing list