[Git][security-tracker-team/security-tracker][master] CVE-2018-10546,php5: Wheezy is not affected
Markus Koschany
apo at debian.org
Wed May 9 17:32:13 BST 2018
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d38efe2a by Markus Koschany at 2018-05-09T18:31:04+02:00
CVE-2018-10546,php5: Wheezy is not affected
The test case fails because php5 in Wheezy is not affected. The provided POC
does not cause an infinite loop.
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -689,6 +689,7 @@ CVE-2018-10546 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.3
- php7.1 <unfixed>
- php7.0 <unfixed>
- php5 <removed>
+ [wheezy] - php5 <not-affected> (does not cause an infinite loop)
NOTE: Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76249
CVE-2018-10545 (An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, ...)
=====================================
data/DLA/list
=====================================
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,5 +1,5 @@
[09 May 2018] DLA-1373-1 php5 - security update
- {CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548}
+ {CVE-2018-10545 CVE-2018-10547 CVE-2018-10548}
[wheezy] - php5 5.4.45-0+deb7u14
[05 May 2018] DLA-1372-1 libdatetime-timezone-perl - new upstream version
[wheezy] - libdatetime-timezone-perl 1:1.58-1+2018e
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d38efe2a3fa2e6658d221c727ef8485a1f15d158
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d38efe2a3fa2e6658d221c727ef8485a1f15d158
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180509/7ba3a90b/attachment.html>
More information about the debian-security-tracker-commits
mailing list