[Secure-testing-commits] r42747 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jun 23 16:21:58 UTC 2016
Author: carnil
Date: 2016-06-23 16:21:58 +0000 (Thu, 23 Jun 2016)
New Revision: 42747
Modified:
data/CVE/list
Log:
Add indication for fixed version upstream for CVE-2016-5767
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-23 16:21:09 UTC (rev 42746)
+++ data/CVE/list 2016-06-23 16:21:58 UTC (rev 42747)
@@ -10,8 +10,8 @@
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72446
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6
+ NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
- libgd2 <unfixed>
- TODO: check
CVE-2016-5766 [Integer Overflow in _gd2GetHeader() resulting in heap overflow]
- php7.0 <unfixed> (unimportant)
- php5 <unfixed> (unimportant)
More information about the Secure-testing-commits
mailing list