[Git][security-tracker-team/security-tracker][master] Add CVE-2019-11048/php*

Salvatore Bonaccorso carnil at debian.org
Thu May 21 08:15:03 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a60bbb7a by Salvatore Bonaccorso at 2020-05-21T09:14:35+02:00
Add CVE-2019-11048/php*

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -59173,7 +59173,19 @@ CVE-2019-11049 (In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when su
 	NOTE: Fixed in PHP 7.4.1, 7.3.13
 	NOTE: PHP Bug: http://bugs.php.net/78943
 CVE-2019-11048 (In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below ...)
-	TODO: check
+	- php7.4 <unfixed>
+	- php7.3 <removed>
+	- php7.0 <removed>
+	- php5 <removed>
+	NOTE: Fixed in PHP 7.2.31, 7.3.18, 7.4.6
+	NOTE: PHP Bug: https://bugs.php.net/78875
+	NOTE: PHP Bug: https://bugs.php.net/78876
+	NOTE: https://github.com/php/php-src/commit/f43041250f82ed69bd4575655984fbfc842da266
+	NOTE: https://github.com/php/php-src/commit/1c9bd513ac5c7c1d13d7f0dfa7c16a7ad2ce0f87
+	NOTE: php-7.4: https://github.com/php/php-src/commit/a3924ab6542a358a3099de992b63b932a9570add
+	NOTE: php-7.3: https://github.com/php/php-src/commit/f43041250f82ed69bd4575655984fbfc842da266
+	NOTE: php-7.2: https://github.com/php/php-src/commit/f43041250f82ed69bd4575655984fbfc842da266
+	NOTE: php-7.2: https://github.com/php/php-src/commit/1c9bd513ac5c7c1d13d7f0dfa7c16a7ad2ce0f87
 CVE-2019-11047 (When PHP EXIF extension is parsing EXIF information from an image, e.g ...)
 	{DSA-4628-1 DSA-4626-1 DLA-2050-1}
 	- php7.3 7.3.15-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a60bbb7a49dc2be11b54a94f46d53523fc6c9f66

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a60bbb7a49dc2be11b54a94f46d53523fc6c9f66
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200521/75daca9a/attachment.html>

More information about the debian-security-tracker-commits mailing list