[Secure-testing-commits] r48307 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jan 23 20:30:55 UTC 2017
Author: carnil
Date: 2017-01-23 20:30:54 +0000 (Mon, 23 Jan 2017)
New Revision: 48307
Modified:
data/CVE/list
Log:
Mark the two php-getext issues as no-dsa for jessie, but should be fixed for stretch before getting new stable release
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-23 19:26:37 UTC (rev 48306)
+++ data/CVE/list 2017-01-23 20:30:54 UTC (rev 48307)
@@ -4394,6 +4394,7 @@
CVE-2015-8980 [Arbitrary code execution in select_string, ngettext and npgettext count parameter]
RESERVED
- php-gettext <unfixed> (bug #851770)
+ [jessie] - php-gettext <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2016/Aug/76
CVE-2015-8979 [remote stack buffer overflow]
RESERVED
@@ -24520,6 +24521,7 @@
CVE-2016-6175
RESERVED
- php-gettext <unfixed> (bug #851771)
+ [jessie] - php-gettext <no-dsa> (Minor issue)
[wheezy] - php-gettext <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/php-gettext/+bug/1606184
NOTE: https://kmkz-web-blog.blogspot.cz/2016/07/advisory-cve-2016-6175.html
More information about the Secure-testing-commits
mailing list