[Secure-testing-commits] r40171 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-03-05 07:34:57 +0000 (Sat, 05 Mar 2016)
New Revision: 40171

Modified:
   data/CVE/list
Log:
Add two more php issues without CVE

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-03-05 07:23:17 UTC (rev 40170)
+++ data/CVE/list	2016-03-05 07:34:57 UTC (rev 40171)
@@ -1,3 +1,13 @@
+CVE-2016-XXXX [Out-of-Bound Read in phar_parse_zipfile()]
+	- php5 <unfixed>
+	NOTE: https://bugs.php.net/bug.php?id=71498
+	NOTE: Fixed in 5.5.33, 5.6.19
+	TODO: check
+CVE-2016-XXXX [Use-After-Free / Double-Free in WDDX Deserialize]
+	- php5 <unfixed>
+	NOTE: https://bugs.php.net/bug.php?id=71587
+	NOTE: Fixed in 5.5.33, 5.6.19
+	TODO: check
 CVE-2016-XXXX [Double free or corruption in zcat]
 	- gzip <unfixed> (bug #816154)
 	TODO: check