[Secure-testing-commits] r42766 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jun 24 10:38:47 UTC 2016
Author: carnil
Date: 2016-06-24 10:38:47 +0000 (Fri, 24 Jun 2016)
New Revision: 42766
Modified:
data/CVE/list
Log:
php7.0 issues fixed in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-24 10:35:39 UTC (rev 42765)
+++ data/CVE/list 2016-06-24 10:38:47 UTC (rev 42766)
@@ -27,13 +27,13 @@
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
CVE-2016-5773 [ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize]
- - php7.0 <unfixed>
+ - php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72434
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=f6aef68089221c5ea047d4a74224ee3deead99a6
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
CVE-2016-5772 [Double Free Courruption in wddx_deserialize]
- - php7.0 <unfixed>
+ - php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72340
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c
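Review bot: The CVE-2016-5772 description in this hunk's context reads "Double Free Courruption in wddx_deserialize", where "Courruption" should be "Corruption". This commit already touches that entry's php7.0 line, so the bracketed description could be corrected in the same change or a follow-up. As written, a text search of the list for "corruption" misses the entry.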
@@ -46,25 +46,25 @@
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
TODO: check if really affects 7.x, CVE assignment claims not
CVE-2016-5770 [int/size_t confusion in SplFileObject::fread]
- - php7.0 <unfixed>
+ - php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72262
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=7245bff300d3fa8bacbef7897ff080a6f1c23eba
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
CVE-2016-5769 [Heap Overflow due to integer overflows]
- - php7.0 <unfixed>
+ - php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72455
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=6c5211a0cef0cc2854eaa387e0eb036e012904d0
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
CVE-2016-5768 [_php_mb_regex_ereg_replace_exec - double free]
- - php7 <unfixed>
+ - php7 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72402
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=5b597a2e5b28e2d5a52fc1be13f425f08f47cb62
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
CVE-2016-5767 [Integer Overflow in gdImagePaletteToTrueColor() resulting heap overflow]
- - php7.0 <unfixed> (unimportant)
+ - php7.0 7.0.8-1 (unimportant)
- php5 5.6.23+dfsg-1 (unimportant)
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72446
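Review bot: The CVE-2016-5768 entry names the source package php7, while every other entry changed in this hunk uses php7.0, and the new line "- php7 7.0.8-1" carries that mismatch forward. If the entry is meant to track the php7.0 source package, the line should read "- php7.0 7.0.8-1". As written, the fixed version is recorded against a package named php7 rather than php7.0.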
@@ -73,7 +73,7 @@
- libgd2 2.0.34~rc1-1
NOTE: Fixed by: https://github.com/libgd/libgd/commit/cfee163a5e848fc3e3fb1d05a30d7557cdd36457 (GD_2_0_34RC1)
CVE-2016-5766 [Integer Overflow in _gd2GetHeader() resulting in heap overflow]
- - php7.0 <unfixed> (unimportant)
+ - php7.0 7.0.8-1 (unimportant)
- php5 5.6.23+dfsg-1 (unimportant)
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72339