Author: carnil Date: 2015-05-18 12:09:31 +0000 (Mon, 18 May 2015) New Revision: 34322
Modified: data/CVE/list Log: Updates for more CVE requests for php5 Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-05-18 05:10:16 UTC (rev 34321) +++ data/CVE/list 2015-05-18 12:09:31 UTC (rev 34322) @@ -1,3 +1,19 @@ +CVE-2015-XXXX [various functions allow \0 in paths where they shouldn't] + - php5 <unfixed> + NOTE: https://bugs.php.net/bug.php?id=69418 + NOTE: https://bugs.php.net/bug.php?id=68598 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/18/2 + TODO: check +CVE-2015-XXXX [DoS possibility due to ineffective parsing of form data] + - php5 <unfixed> + NOTE: https://bugs.php.net/bug.php?id=69364 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/18/2 + TODO: check +CVE-2015-XXXX [integer overflow on reading FTP server data leading to heap overflow] + - php5 <unfixed> + NOTE: https://bugs.php.net/bug.php?id=69545 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/18/2 + TODO: check CVE-2015-XXXX [Memory Corruption in phar_parse_tarfile when entry filename starts with null] - php5 <unfixed> NOTE: https://bugs.php.net/bug.php?id=69453 @@ -2,3 +18,3 @@ NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c27f012b7a447e59d4a704688971cbfa7dddaa74 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/17/2 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/17/2 and http://www.openwall.com/lists/oss-security/2015/05/18/2 TODO: check _______________________________________________ Secure-testing-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
