[Secure-testing-commits] r53596 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jul 18 04:33:28 UTC 2017
Author: carnil
Date: 2017-07-18 04:33:27 +0000 (Tue, 18 Jul 2017)
New Revision: 53596
Modified:
data/CVE/list
Log:
Update CVE-2017-11143 status
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-18 04:30:56 UTC (rev 53595)
+++ data/CVE/list 2017-07-18 04:33:27 UTC (rev 53596)
@@ -1328,13 +1328,12 @@
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=91826a311dd37f4c4e5d605fa7af331e80ddd4c3
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
CVE-2017-11143 (In PHP before 5.6.31, an invalid free in the WDDX deserialization of ...)
- - php7.1 <unfixed>
- - php7.0 <unfixed>
+ - php7.1 <not-affected> (Only affected 5.6)
+ - php7.0 <not-affected> (Only affected 5.6)
- php5 <removed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74145
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=2aae60461c2ff7b7fbcdd194c789ac841d0747d7
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=f269cdcd4f76accbecd03884f327cffb9a7f1ca9
- TODO: check, claimed to be fixed in 7.0.21 but not listed, needs double-check
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
CVE-2017-11142 (In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote ...)
- php7.1 7.1.3+-1
More information about the Secure-testing-commits
mailing list