[Git][security-tracker-team/security-tracker][master] Add "new" PHP issue (CVE-2018-20783)

Thu Feb 21 20:56:34 GMT 2019

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cf338d44 by Salvatore Bonaccorso at 2019-02-21T20:55:57Z
Add "new" PHP issue (CVE-2018-20783)

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,7 +9,12 @@ CVE-2019-8982 (com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 .
 CVE-2019-8981
 	RESERVED
 CVE-2018-20783 (In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x ...)
-	TODO: check
+	- php7.3 <undetermined>
+	- php7.0 <removed>
+	- php5 <removed>
+        NOTE: Fixed in 5.6.39, 7.0.33, 7.1.25, 7.2.13
+	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77143
+	TODO: check, php7.3
 CVE-2018-1002161 [SQL injection in multiple remote calls]
 	- koji <unfixed>
 	NOTE: https://docs.pagure.org/koji/CVE-2018-1002161/


=====================================
data/DLA/list
=====================================
@@ -230,7 +230,7 @@
 	{CVE-2018-11759}
 	[jessie] - libapache-mod-jk 1:1.2.46-0+deb8u1
 [16 Dec 2018] DLA-1608-1 php5 - security update
-	{CVE-2018-19518 CVE-2018-19935}
+	{CVE-2018-19518 CVE-2018-19935 CVE-2018-20783}
 	[jessie] - php5 5.6.39+dfsg-0+deb8u1
 [15 Dec 2018] DLA-1607-1 samba - security update
 	{CVE-2018-14629 CVE-2018-16851}


=====================================
data/DSA/list
=====================================
@@ -136,7 +136,7 @@
 	{CVE-2018-12405 CVE-2018-17466 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498}
 	[stretch] - firefox-esr 60.4.0esr-1~deb9u1
 [10 Dec 2018] DSA-4353-1 php7.0 - security update
-	{CVE-2018-14851 CVE-2018-14883 CVE-2018-17082 CVE-2018-19518 CVE-2018-19935}
+	{CVE-2018-14851 CVE-2018-14883 CVE-2018-17082 CVE-2018-19518 CVE-2018-19935 CVE-2018-20783}
 	[stretch] - php7.0 7.0.33-0+deb9u1
 [07 Dec 2018] DSA-4352-1 chromium-browser - security update
 	{CVE-2018-17480 CVE-2018-17481 CVE-2018-18335 CVE-2018-18336 CVE-2018-18337 CVE-2018-18338 CVE-2018-18339 CVE-2018-18340 CVE-2018-18341 CVE-2018-18342 CVE-2018-18343 CVE-2018-18344 CVE-2018-18345 CVE-2018-18346 CVE-2018-18347 CVE-2018-18348 CVE-2018-18349 CVE-2018-18350 CVE-2018-18351 CVE-2018-18352 CVE-2018-18353 CVE-2018-18354 CVE-2018-18355 CVE-2018-18356 CVE-2018-18357 CVE-2018-18358 CVE-2018-18359 CVE-2018-20346 CVE-2018-20070 CVE-2018-20068 CVE-2018-20067 CVE-2018-20066 CVE-2018-20065}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf338d44914ece1f3adda26e63006de29e50f819

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf338d44914ece1f3adda26e63006de29e50f819
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190221/1a881827/attachment-0001.html>
