[Git][security-tracker-team/security-tracker][master] PHP patch references

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5d0d9cb1 by Moritz Muehlenhoff at 2019-02-25T12:00:12Z
PHP patch references
vim unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -127,10 +127,11 @@ CVE-2019-9079
 CVE-2019-9078 (zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter ...)
 	NOT-FOR-US: zzcms
 CVE-2018-20786 (libvterm through 0+bzr726, as used in Vim and other products, ...)
-	- vim 2:8.1.0693-1
-	- libvterm <unfixed>
+	- vim 2:8.1.0693-1 (unimportant)
+	- libvterm <unfixed> (unimportant)
 	NOTE: https://github.com/vim/vim/commit/cd929f7ba8cc5b6d6dcf35c8b34124e969fed6b8
 	NOTE: MISC:https://github.com/vim/vim/issues/3711
+	NOTE: No security impact
 CVE-2019-9077 (An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer ...)
 	- binutils <unfixed>
 	[stretch] - binutils <ignored> (Minor issue)
@@ -299,6 +300,7 @@ CVE-2019-9024 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26,
 	- php5 <removed>
 	NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77380
+	NOTE: https://github.com/php/php-src/commit/4feb9e66ff9636ad44bc23a91b7ebd37d83ddf1d (7.1)
 CVE-2019-9023 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
 	{DLA-1679-1}
 	- php7.3 7.3.1-1
@@ -312,12 +314,17 @@ CVE-2019-9023 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26,
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77385
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77394
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77418
+	NOTE: https://github.com/php/php-src/commit/20407d06ca3cb5eeb10f876a812b40c381574bcc (7.1)
+	NOTE: https://github.com/php/php-src/commit/31f59e1f3074ab344b473dde6077a6844ca87264 (7.1)
+	NOTE: https://github.com/php/php-src/commit/28362ed4fae6969b5a8878591a5a06eadf114e03 (7.1)
+	NOTE: https://github.com/php/php-src/commit/9d6c59eeea88a3e9d7039cb4fed5126ef704593a (7.1)
 CVE-2019-9022 (An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, ...)
 	- php7.3 7.3.2-1
 	- php7.0 <removed>
 	- php5 <removed>
 	NOTE: Fixed in 7.1.26, 7.2.14, 7.3.2
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77369
+	NOTE: https://github.com/php/php-src/commit/8d3dfabef459fe7815e8ea2fd68753fd17859d7b (7.1)
 CVE-2019-9021 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
 	{DLA-1679-1}
 	- php7.3 7.3.1-1
@@ -325,6 +332,7 @@ CVE-2019-9021 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26,
 	- php5 <removed>
 	NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77247
+	NOTE: https://github.com/php/php-src/commit/78bd3477745f1ada9578a79f61edb41886bec1cb (7.1)
 CVE-2019-9020 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
 	{DLA-1679-1}
 	- php7.3 7.3.1-1
@@ -333,6 +341,7 @@ CVE-2019-9020 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26,
 	NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77242
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77249
+	NOTE: https://github.com/php/php-src/commit/9c62b95e5e6a1ac3922a8819f2d56d8ea998d97a (7.1)
 CVE-2019-9018
 	RESERVED
 CVE-2019-9017



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5d0d9cb17e9de61f6475112ab366a2825e882ebe

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5d0d9cb17e9de61f6475112ab366a2825e882ebe
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190225/a67d1442/attachment.html>