[Secure-testing-commits] r42746 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jun 23 16:21:09 UTC 2016
Author: carnil
Date: 2016-06-23 16:21:09 +0000 (Thu, 23 Jun 2016)
New Revision: 42746
Modified:
data/CVE/list
Log:
Add CVE-2016-5768
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-23 16:13:45 UTC (rev 42745)
+++ data/CVE/list 2016-06-23 16:21:09 UTC (rev 42746)
@@ -1,3 +1,9 @@
+CVE-2016-5768 [_php_mb_regex_ereg_replace_exec - double free]
+ - php7 <unfixed>
+ - php5 <unfixed>
+ NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72402
+ NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=5b597a2e5b28e2d5a52fc1be13f425f08f47cb62
+ NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
CVE-2016-5767 [Integer Overflow in gdImagePaletteToTrueColor() resulting heap overflow]
- php7.0 <unfixed> (unimportant)
- php5 <unfixed> (unimportant)
More information about the Secure-testing-commits
mailing list