[Git][security-tracker-team/security-tracker][master] hhvm fixed

Moritz Muehlenhoff jmm at debian.org
Wed May 9 18:44:55 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
da44768e by Moritz Muehlenhoff at 2018-05-09T19:44:22+02:00
hhvm fixed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -11961,19 +11961,19 @@ CVE-2018-6336
 	RESERVED
 CVE-2018-6335
 	RESERVED
-	- hhvm <unfixed>
+	- hhvm 3.24.7+dfsg-1
 	NOTE: https://github.com/facebook/hhvm/commit/4cb57dd753a339654ca464c139db9871fe961d56
 	NOTE: https://hhvm.com/blog/2018/05/04/hhvm-3.25.3.html
 CVE-2018-6334 [ability to override global variables and members of $GLOBALS via file uploads]
 	RESERVED
-	- hhvm <unfixed> (bug #895194)
+	- hhvm 3.24.7+dfsg-1 (bug #895194)
 	NOTE: https://hhvm.com/blog/2018/03/30/hhvm-3.25.2.html
 	NOTE: https://github.com/facebook/hhvm/commit/6937de5544c3eead3466b75020d8382080ed0cff
 CVE-2018-6333
 	RESERVED
 CVE-2018-6332 [denial-of-service issue in the Proxygen handling of invalid HTTP2 settings]
 	RESERVED
-	- hhvm <unfixed> (bug #895194)
+	- hhvm 3.24.7+dfsg-1 (bug #895194)
 	NOTE: https://hhvm.com/blog/2018/03/15/hhvm-3.25.html
 CVE-2018-6331
 	RESERVED
@@ -13938,7 +13938,7 @@ CVE-2018-5711 (gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PH
 	- php7.1 7.1.13-1 (unimportant)
 	- php7.0 7.0.27-1 (unimportant)
 	- php5 <removed> (unimportant)
-	- hhvm <unfixed>
+	- hhvm 3.24.7+dfsg-1
 	NOTE: Fixed in 5.6.33, 7.0.27, 7.1.13, 7.2.1
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75571
 	NOTE: https://hhvm.com/blog/2018/05/04/hhvm-3.25.3.html (has a typo, pinged them for correction)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/da44768e4122fe5cd54032c0e111d09bcc4de16f

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/da44768e4122fe5cd54032c0e111d09bcc4de16f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180509/08a54ca1/attachment.html>

More information about the debian-security-tracker-commits mailing list