[Secure-testing-commits] r46320 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Nov 18 14:34:41 UTC 2016
Author: carnil
Date: 2016-11-18 14:34:40 +0000 (Fri, 18 Nov 2016)
New Revision: 46320
Modified:
data/CVE/list
Log:
Reference (yet private) ICU upstream bug for CVE-2016-7415
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-18 14:23:42 UTC (rev 46319)
+++ data/CVE/list 2016-11-18 14:34:40 UTC (rev 46320)
@@ -5991,7 +5991,7 @@
NOTE: Related code in http://source.icu-project.org/repos/icu/icu/trunk/source/common/locid.cpp file
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73007
NOTE: PHP fix: https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1
- NOTE: Unclear how this should be fixed for icu, if at all. Issue is mainly in PHP.
+ NOTE: Upstream bug: http://bugs.icu-project.org/trac/ticket/12745
CVE-2016-7414 (The ZIP signature-verification feature in PHP before 5.6.26 and 7.x ...)
{DSA-3689-1}
- php7.0 7.0.11-1
More information about the Secure-testing-commits
mailing list