[Secure-testing-commits] r44471 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Sep 10 05:45:25 UTC 2016
Author: carnil
Date: 2016-09-10 05:45:25 +0000 (Sat, 10 Sep 2016)
New Revision: 44471
Modified:
data/CVE/list
Log:
Update status and information for jessie for libphp-adodb issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-10 05:32:47 UTC (rev 44470)
+++ data/CVE/list 2016-09-10 05:45:25 UTC (rev 44471)
@@ -119,8 +119,11 @@
- imagemagick <unfixed> (bug #836776)
CVE-2016-XXXX [incorrect quoting may allow SQL injection]
- libphp-adodb <unfixed>
+ [jessie] - libphp-adodb <no-dsa> (Minor issue, can be fixed via point release)
NOTE: https://github.com/ADOdb/ADOdb/issues/226
NOTE: https://github.com/ADOdb/ADOdb/commit/bd9eca9
+ NOTE: Issue only with the PDO driver and only if queries built by inlining
+ NOTE: the quoted string (not recommended).
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/09/07/8
CVE-2016-7154 [use after free in FIFO event channel code]
RESERVED
More information about the Secure-testing-commits
mailing list