[Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2026-7259/php7.4 for bullseye

Fri, 15 May 2026 15:42:16 -0700 


Guilhem Moulin pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2c20f309 by Guilhem Moulin at 2026-05-16T00:41:51+02:00
Triage CVE-2026-7259/php7.4 for bullseye

- - - - -
aaaebf8a by Guilhem Moulin at 2026-05-16T00:41:52+02:00
Triage CVE-2025-14179/php7.4 for bullseye

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5937,9 +5937,10 @@ CVE-2025-14179 (In PHP versions 8.2.* before 8.2.31, 
8.3.* before 8.3.31, 8.4.*
        {DSA-6256-1 DSA-6255-1}
        - php8.4 8.4.21-1 (bug #1136054)
        - php8.2 <removed>
-       - php7.4 <removed>
+       - php7.4 <not-affected> (Vulnerable code introduced later)
        NOTE: 
https://github.com/php/php-src/security/advisories/GHSA-w476-322c-wpvm
        NOTE: 
https://github.com/php/php-src/commit/3f40b65323dd1b85e9bab6878237d3867e449d5c
+       NOTE: Introduced with: 
https://github.com/php/php-src/commit/17a789e27c31ca13ba4bab6fcfc265d2dd0589a2 
(php-8.0.0RC2)
 CVE-2026-6104 (In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, 
when an en ...)
        {DSA-6256-1}
        - php8.4 8.4.21-1 (bug #1136054)
@@ -5951,9 +5952,10 @@ CVE-2026-7259 (In PHP versions 8.2.* before 8.2.31, 
8.3.* before 8.3.31, 8.4.* b
        {DSA-6256-1 DSA-6255-1}
        - php8.4 8.4.21-1 (bug #1136054)
        - php8.2 <removed>
-       - php7.4 <removed>
+       - php7.4 <not-affected> (Vulnerable code introduced later)
        NOTE: 
https://github.com/php/php-src/security/advisories/GHSA-wm6j-2649-pv75
        NOTE: 
https://github.com/php/php-src/commit/79a054eae016c56409432e69aebc8ca908a88838
+       NOTE: Introduced with: 
https://github.com/php/php-src/commit/73455778d4ae35110a987f1019e548aff721c3af 
(php-8.0.0RC2)
 CVE-2026-6735 (In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* 
before ...)
        {DSA-6256-1 DSA-6255-1}
        - php8.4 8.4.21-1 (bug #1136054)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/97269bd8bd21ee7a7ce40fdd266c09c2141c1eb8...aaaebf8aa326dfad4bee08963c0c90938f3e02f7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/97269bd8bd21ee7a7ce40fdd266c09c2141c1eb8...aaaebf8aa326dfad4bee08963c0c90938f3e02f7
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to