Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
15a9801d by Salvatore Bonaccorso at 2019-07-10T20:59:42Z
Add CVE-2017-7189/php
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -121225,7 +121225,12 @@ CVE-2017-7192 (WebSocket.swift in Starscream before
2.0.4 allows an SSL Pinning
CVE-2017-7190
RESERVED
CVE-2017-7189 (main/streams/xp_socket.c in PHP 7.x before 2017-03-07 misparses
fsocko ...)
- TODO: check
+ - php7.3 <unfixed>
+ - php7.0 <removed>
+ - php5 <removed>
+ NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74192
+ NOTE:
https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a
+ NOTE: The commit was later on reverted again because of breaking some
features.
CVE-2017-7188 (Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack
with a b ...)
NOT-FOR-US: Zurmo
CVE-2017-7187 (The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel
through ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/15a9801d98a087053969d9738b53c7a58bd556f5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/15a9801d98a087053969d9738b53c7a58bd556f5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
