Author: carnil
Date: 2016-09-18 12:01:18 +0000 (Sun, 18 Sep 2016)
New Revision: 44708

Modified:
   data/CVE/list
Log:
Three CVEs fixed for php7.0 with 7.0.11-1 upload to unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-09-18 11:59:19 UTC (rev 44707)
+++ data/CVE/list       2016-09-18 12:01:18 UTC (rev 44708)
@@ -2237,7 +2237,7 @@
        RESERVED
 CVE-2016-7418 [Out-Of-Bounds Read in php_wddx_push_element]
        RESERVED
-       - php7.0 <unfixed>
+       - php7.0 7.0.11-1
        - php5 5.6.26+dfsg-1
        NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73065
        NOTE: Fixed in 7.0.11, 5.6.26
@@ -2246,14 +2246,14 @@
        NOTE: in the "[2016-09-12 06:44 UTC]" comment.
 CVE-2016-7417 [Missing type check when unserializing SplArray]
        RESERVED
-       - php7.0 <unfixed>
+       - php7.0 7.0.11-1
        - php5 5.6.26+dfsg-1
        NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73029
        NOTE: Fixed in 7.0.11, 5.6.26
        NOTE: 
https://github.com/php/php-src/commit/ecb7f58a069be0dec4a6131b6351a761f808f22e?w=1
 CVE-2016-7416 [add locale length check]
        RESERVED
-       - php7.0 <unfixed>
+       - php7.0 7.0.11-1
        - php5 5.6.26+dfsg-1
        NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73007
        NOTE: Fixed in 7.0.11, 5.6.26
@@ -2267,21 +2267,21 @@
        NOTE: Unclear how this should be fixed for icu, if at all. Issue is 
mainly in PHP.
 CVE-2016-7414 [Out of bound when verify signature of zip phar in 
phar_parse_zipfile]
        RESERVED
-       - php7.0 <unfixed>
+       - php7.0 7.0.11-1
        - php5 5.6.26+dfsg-1
        NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72928
        NOTE: Fixed in 7.0.11, 5.6.26
        NOTE: 
https://github.com/php/php-src/commit/0bfb970f43acd1e81d11be1154805f86655f15d5?w=1
 CVE-2016-7413 [wddx_deserialize use-after-free]
        RESERVED
-       - php7.0 <unfixed>
+       - php7.0 7.0.11-1
        - php5 5.6.26+dfsg-1
        NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72860
        NOTE: Fixed in 7.0.11, 5.6.26
        NOTE: 
https://github.com/php/php-src/commit/b88393f08a558eec14964a55d3c680fe67407712?w=1
 CVE-2016-7412 [Heap overflow in mysqlnd related to BIT fields]
        RESERVED
-       - php7.0 <unfixed>
+       - php7.0 7.0.11-1
        - php5 5.6.26+dfsg-1
        NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72293
        NOTE: Fixed in 7.0.11, 5.6.26


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to