[Secure-testing-commits] r30021 - data/CVE

Yves-Alexis Perez Thu, 13 Nov 2014 01:37:33 -0800

Author: corsac
Date: 2014-11-13 09:36:04 +0000 (Thu, 13 Nov 2014)
New Revision: 30021


Modified:
   data/CVE/list
Log:
actually mark it as fixed by the DSA


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-11-13 09:08:22 UTC (rev 30020)
+++ data/CVE/list       2014-11-13 09:36:04 UTC (rev 30021)
@@ -16017,13 +16017,12 @@
        [squeeze] - php5 <no-dsa> (Minor issue, can be fixed along with a 
future DSA)
        NOTE: 
http://git.php.net/?p=php-src.git;a=commitdiff;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
 CVE-2013-7345 (The BEGIN regular expression in the awk script detector in ...)
-       {DSA-2873-1}
+       {DSA-2873-1 DSA-3064-1}
        - file 1:5.17-0.1 (bug #703993)
        NOTE: http://bugs.gw.com/view.php?id=164
        NOTE: fixed in commit ef2329cf71acb59204dd981e2c6cce6c81fe467c
        - php5 5.6.0+dfsg-1
        [squeeze] - php5 <not-affected>
-       [wheezy] - 5.4.34-0+deb7u1
        NOTE: Wheezy's php5 is vulnerable in 5.4.4-14+deb7u14. Verified by 
rebuilding
        NOTE: magic.mgc out of ext/fileinfo/data_info.c and "strings magic.mgc 
|grep BEGIN"
        NOTE: returns "^\s*BEGIN\s*[{]". Same test in squeeze does not


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r30021 - data/CVE

Reply via email to