[Secure-testing-commits] r49411 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Mar 4 16:38:25 UTC 2017


Author: carnil
Date: 2017-03-04 16:38:24 +0000 (Sat, 04 Mar 2017)
New Revision: 49411

Modified:
   data/CVE/list
Log:
Add reference for CVE-2017-5630

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-04 13:44:10 UTC (rev 49410)
+++ data/CVE/list	2017-03-04 16:38:24 UTC (rev 49411)
@@ -2405,6 +2405,7 @@
 CVE-2017-5630 (PECL in the download utility class in the Installer in PEAR Base System ...)
 	- php5 <unfixed> (unimportant)
 	- php-pear <unfixed> (unimportant)
+	NOTE: https://pear.php.net/bugs/bug.php?id=21171
 	NOTE: pear performs no kind of authentication/integrity checks for downloads, so an attacker can MITM freely anyway
 CVE-2017-5629
 	RESERVED




More information about the Secure-testing-commits mailing list