[Secure-testing-commits] r53453 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 13 19:30:14 UTC 2017
Author: carnil
Date: 2017-07-13 19:30:13 +0000 (Thu, 13 Jul 2017)
New Revision: 53453
Modified:
data/CVE/list
Log:
Add information for CVE-2017-11146
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-13 19:27:19 UTC (rev 53452)
+++ data/CVE/list 2017-07-13 19:30:13 UTC (rev 53453)
@@ -170,7 +170,9 @@
CVE-2017-11148
RESERVED
CVE-2017-11146 (In PHP through 5.6.31, 7.x through 7.0.21, and 7.1.x through 7.1.7, ...)
- TODO: check
+ - php7.1 <not-affected> (Incomplete fix for CVE-2017-11145 not applied)
+ - php7.0 <not-affected> (Incomplete fix for CVE-2017-11145 not applied)
+ - php5 <not-affected> (Incomplete fix for CVE-2017-11145 not applied)
CVE-2017-11145 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, lack ...)
- php7.1 <unfixed>
- php7.0 <unfixed>
@@ -178,6 +180,12 @@
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74819
NOTE: Fixed in 7.1.7, 7.0.21, 5.6.31
NOTE: https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75
+ NOTE: When fixing this CVE make sure to make the fix complete, as per
+ NOTE: https://marc.info/?l=oss-security&m=149969403317810&w=2 to not
+ NOTE: open CVE-2017-11146.
+ NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74819
+ NOTE: https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75
+ NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
CVE-2017-1000362
RESERVED
CVE-2017-1000081
More information about the Secure-testing-commits
mailing list