[Secure-testing-commits] r53713 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 20 18:26:37 UTC 2017
Author: carnil
Date: 2017-07-20 18:26:37 +0000 (Thu, 20 Jul 2017)
New Revision: 53713
Modified:
data/CVE/list
Log:
Add commit to make fix for CVE-2017-11145 complete and not open CVE-2017-11146
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-20 16:22:18 UTC (rev 53712)
+++ data/CVE/list 2017-07-20 18:26:37 UTC (rev 53713)
@@ -852,6 +852,7 @@
- php7.1 <not-affected> (Incomplete fix for CVE-2017-11145 not applied)
- php7.0 <not-affected> (Incomplete fix for CVE-2017-11145 not applied)
- php5 <not-affected> (Incomplete fix for CVE-2017-11145 not applied)
+ NOTE: https://github.com/php/php-src/commit/e8b7698f5ee757ce2c8bd10a192a491a498f891c
CVE-2017-11145 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, lack ...)
- php7.1 <unfixed>
- php7.0 <unfixed>
@@ -861,7 +862,9 @@
NOTE: https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75
NOTE: When fixing this CVE make sure to make the fix complete, as per
NOTE: https://marc.info/?l=oss-security&m=149969403317810&w=2 to not
- NOTE: open CVE-2017-11146.
+ NOTE: open CVE-2017-11146. Make sure to apply as well the following
+ NOTE: commit:
+ NOTE: https://github.com/php/php-src/commit/e8b7698f5ee757ce2c8bd10a192a491a498f891c
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
CVE-2017-1000362 (The re-key admin monitor was introduced in Jenkins 1.498 and ...)
- jenkins <removed>
More information about the Secure-testing-commits
mailing list