[Secure-testing-commits] r48610 - in data: CVE DLA

Tue, 31 Jan 2017 05:10:46 -0800 

Author: carnil
Date: 2017-01-31 13:10:24 +0000 (Tue, 31 Jan 2017)
New Revision: 48610

Modified:
   data/CVE/list
   data/DLA/list
Log:
php5: Add CVE-2016-7125 to DLA-628-1 list since apparently fixed there

This quraantees the cross references are built correctly. Otherwise the
explicitly added DLA-628-1 will be removed on next autoupdate.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-01-31 13:10:09 UTC (rev 48609)
+++ data/CVE/list       2017-01-31 13:10:24 UTC (rev 48610)
@@ -21597,14 +21597,12 @@
        {DSA-3689-1 DLA-628-1}
        - php7.0 7.0.10-1
        - php5 5.6.26+dfsg-1
-       [wheezy] - php5 5.4.45-0+deb7u5
        NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72681
        NOTE: Fixed in 7.0.10, 5.6.25
        NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
        NOTE: 
https://github.com/php/php-src/commit/8763c6090d627d8bb0ee1d030c30e58f406be9ce?w=1
        NOTE: Scope of CVE also includes the "The similar issue also exist in 
session php_binary
        NOTE: handler" part of 72681.
-       NOTE: This was addressed in DLA-628-1 while the CVE ID was still 
temporary.
 CVE-2016-7124 (ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x 
before ...)
        {DSA-3689-1 DLA-749-1}
        - php7.0 7.0.10-1

Modified: data/DLA/list
===================================================================
--- data/DLA/list       2017-01-31 13:10:09 UTC (rev 48609)
+++ data/DLA/list       2017-01-31 13:10:24 UTC (rev 48610)
@@ -563,7 +563,7 @@
        {CVE-2016-6801}
        [wheezy] - jackrabbit 2.3.6-1+deb7u2
 [18 Sep 2016] DLA-628-1 php5 - security update
-       {CVE-2016-4473 CVE-2016-4538 CVE-2016-5114 CVE-2016-5399 CVE-2016-5768 
CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 
CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 
CVE-2016-6295 CVE-2016-6296 CVE-2016-6297}
+       {CVE-2016-4473 CVE-2016-4538 CVE-2016-5114 CVE-2016-5399 CVE-2016-5768 
CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 
CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 
CVE-2016-6295 CVE-2016-6296 CVE-2016-6297 CVE-2016-7125}
        [wheezy] - php5 5.4.45-0+deb7u5
 [18 Sep 2016] DLA-627-1 pdns - security update
        {CVE-2016-5426 CVE-2016-5427 CVE-2016-6172}


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to