[Secure-testing-commits] r53360 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Jul 10 13:56:42 UTC 2017
Author: jmm
Date: 2017-07-10 13:56:42 +0000 (Mon, 10 Jul 2017)
New Revision: 53360
Modified:
data/CVE/list
Log:
PHP CVEfied
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-10 10:06:38 UTC (rev 53359)
+++ data/CVE/list 2017-07-10 13:56:42 UTC (rev 53360)
@@ -128,9 +128,9 @@
CVE-2017-11100 (When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead ...)
- swftools <unfixed> (unimportant)
CVE-2017-11099 (When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead to ...)
- TODO: check
+ - swftools <unfixed>
CVE-2017-11098 (When SWFTools 0.9.2 processes a crafted file in png2swf, it can lead to ...)
- TODO: check
+ - swftools <unfixed>
CVE-2017-11097 (When SWFTools 0.9.2 processes a crafted file in swfc, it can lead to a ...)
- swftools <unfixed> (unimportant)
CVE-2017-11096 (When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead ...)
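Review bot: The new swftools lines for CVE-2017-11099 (wav2swf) and CVE-2017-11098 (png2swf) are plain "<unfixed>", while the neighbouring CVE-2017-11100 and CVE-2017-11097 entries in the same context are marked "(unimportant)". If the different rating is intended, add a NOTE under each entry saying why these two are treated as more severe; otherwise align them with their neighbours. The log message "PHP CVEfied" also does not mention this swftools triage, so it would be worth either splitting it into its own commit or extending the log.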
@@ -426,14 +426,17 @@
NOTE: Fixed in 7.0.21
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=2aae60461c2ff7b7fbcdd194c789ac841d0747d7 (5.6.x)
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=6b18d956de38ecd8913c3d82ce96eb0368a1f9e5 (7.0.x)
-CVE-2017-XXXX [negative-size-param (-1) in memcpy in zif_openssl_seal()]
+CVE-2017-11144 [negative-size-param (-1) in memcpy in zif_openssl_seal()]
- php7.1 <unfixed>
- php7.0 <unfixed>
- php5 <removed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74651
- NOTE: Fixed in 7.0.21
+ NOTE: Fixed in 7.1.7, 7.0.21, 5.6.31
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=89637c6b41b510c20d262c17483f582f115c66d6
-CVE-2017-XXXX [wddx parsing empty boolean tag leads to SIGSEGV]
+ NOTE: http://git.php.net/?p=php-src.git;a=commit;h=73cabfedf519298e1a11192699f44d53c529315e
+ NOTE: http://git.php.net/?p=php-src.git;a=commit;h=91826a311dd37f4c4e5d605fa7af331e80ddd4c3
+ NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
+CVE-2017-11143 [wddx parsing empty boolean tag leads to SIGSEGV]
- php7.1 <unfixed>
- php7.0 <unfixed>
- php5 <removed>
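Review bot: The two commit links added under CVE-2017-11144 (h=73cabfed... and h=91826a31...) carry no branch label, although the updated NOTE now lists three fixed versions (7.1.7, 7.0.21, 5.6.31) and the entry directly above tags its links with (5.6.x) and (7.0.x). Suggest appending the branch to each link so that whoever backports can pick the matching patch. The new links also use a=commit where the existing ones use a=commitdiff; one form throughout would be easier to read.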
@@ -441,13 +444,16 @@
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=2aae60461c2ff7b7fbcdd194c789ac841d0747d7
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=f269cdcd4f76accbecd03884f327cffb9a7f1ca9
TODO: check, claimed to be fixed in 7.0.21 but not listed, needs double-check
-CVE-2017-XXXX [Performance problem with processing post request over 2000000 chars]
+ NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
+CVE-2017-11142 [Performance problem with processing post request over 2000000 chars]
- php7.1 7.1.3+-1
- php7.0 7.0.17-1
- php5 <removed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73807
- NOTE: Fixed in 7.1.3, 7.0.17
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=0f8cf3b8497dc45c010c44ed9e96518e11e19fc3
+ NOTE: Fixed in 7.1.3, 7.0.17, 5.6.31
+ NOTE: https://github.com/php/php-src/commit/a15bffd105ac28fd0dd9b596632dbf035238fda3
+ NOTE: https://github.com/php/php-src/commit/0f8cf3b8497dc45c010c44ed9e96518e11e19fc3
+ NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
CVE-2017-10972 (Uninitialized data in endianness conversion in the XEvent handling of ...)
{DSA-3905-1}
- xorg-server 2:1.19.3-2 (bug #867492)
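Review bot: The wddx entry (now CVE-2017-11143) still carries "TODO: check, claimed to be fixed in 7.0.21 but not listed, needs double-check", and the only addition to it is the oss-security link placed after that TODO. If the oss-security post settles the fixed versions, record them in a "Fixed in" NOTE and drop the TODO; if not, say in the TODO what remains open. In the CVE-2017-11142 entry, the two github.com commit links have no branch label even though the NOTE now adds 5.6.31, and they switch URL style from the git.php.net links used in the surrounding entries; labelling each commit with its branch and keeping one URL style would be more consistent.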
@@ -463,7 +469,7 @@
CVE-2017-10969
RESERVED
CVE-2017-10968 (In FineCMS through 2017-07-07, application\core\controller\template.php ...)
- TODO: check
+ NOT-FOR-US: FineCMS
CVE-2017-10967 (In FineCMS before 2017-07-06, application\core\controller\config.php ...)
NOT-FOR-US: FineCMS
CVE-2017-10966 (An issue was discovered in Irssi before 1.0.4. While updating the ...)