[Secure-testing-commits] r42047 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu May 26 14:17:34 UTC 2016
Author: carnil
Date: 2016-05-26 14:17:34 +0000 (Thu, 26 May 2016)
New Revision: 42047
Modified:
data/CVE/list
Log:
Add three more issues for php
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-26 14:09:58 UTC (rev 42046)
+++ data/CVE/list 2016-05-26 14:17:34 UTC (rev 42047)
@@ -8,6 +8,22 @@
NOTE: https://github.com/roundcube/roundcubemail/issues/5240
NOTE: https://github.com/roundcube/roundcubemail/pull/5241
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/25/8
+CVE-2016-XXXX [int/size_t confusion in fread]
+ - php5 5.6.22+dfsg-1
+ NOTE: PHP bug: https://bugs.php.net/bug.php?id=72114
+ NOTE: Fixed in 5.6.22, 5.5.36
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/25/3
+CVE-2016-XXXX [don't create strings with lengths outside int range]
+ - php5 5.6.22+dfsg-1
+ NOTE: PHP bug: https://bugs.php.net/bug.php?id=72135
+ NOTE: Fixed in 5.6.22, 5.5.36
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/25/3
+CVE-2016-XXXX [get_icu_value_internal out-of-bounds read]
+ - php7.0 7.0.7-1
+ - php5 5.6.22+dfsg-1
+ NOTE: PHP bug: https://bugs.php.net/bug.php?id=72241
+ NOTE: Fixed in 7.0.7, 5.6.22, 5.5.36
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/25/3
CVE-2013-XXXX [Fixed memory overrun bug in gdImageScaleTwoPass]
- libgd2 2.1.1-1
NOTE: https://github.com/libgd/libgd/commit/4f65a3e4eedaffa1efcf9ee1eb08f0b504fbc31a (gd-2.1.1)
More information about the Secure-testing-commits
mailing list