[Secure-testing-commits] r53222 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 6 12:24:42 UTC 2017
Author: carnil
Date: 2017-07-06 12:24:42 +0000 (Thu, 06 Jul 2017)
New Revision: 53222
Modified:
data/CVE/list
Log:
Add one older php issue without CVE, but requested and addressed in 5.6.28
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-06 12:19:24 UTC (rev 53221)
+++ data/CVE/list 2017-07-06 12:24:42 UTC (rev 53222)
@@ -1,3 +1,11 @@
+CVE-2017-XXXX [parse_url return wrong hostname]
+ - php7.1 <not-affected> (Fixed with initial upload to unstable)
+ - php7.0 7.0.13-1
+ - php5 <removed>
+ [jessie] - php5 5.6.28+dfsg-0+deb8u1
+ NOTE: PHP bug: https://bugs.php.net/bug.php?id=73192
+ NOTE: Fixed in 7.1.0, 7.0.13, 5.6.28
+ NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=b061fa909de77085d3822a89ab901b934d0362c4
CVE-2017-XXXX [wddx_deserialize() heap out-of-bound read via php_parse_date()]
- php7.1 <unfixed>
- php7.0 <unfixed>
More information about the Secure-testing-commits
mailing list