Author: carnil
Date: 2017-07-24 04:25:50 +0000 (Mon, 24 Jul 2017)
New Revision: 53848
Modified:
data/CVE/list
Log:
CVE-2017-11146 rejected
Further investigation showed that there were no independly fixable
security issue.
The correct fix furthermore for CVE-2017-11145 is
e8b7698f5ee757ce2c8bd10a192a491a498f891c .
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-24 04:19:21 UTC (rev 53847)
+++ data/CVE/list 2017-07-24 04:25:50 UTC (rev 53848)
@@ -1073,10 +1073,6 @@
RESERVED
CVE-2017-11146
REJECTED
- - php7.1 <not-affected> (Incomplete fix for CVE-2017-11145 not applied)
- - php7.0 <not-affected> (Incomplete fix for CVE-2017-11145 not applied)
- - php5 <not-affected> (Incomplete fix for CVE-2017-11145 not applied)
- NOTE:
https://github.com/php/php-src/commit/e8b7698f5ee757ce2c8bd10a192a491a498f891c
CVE-2017-11145 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before
7.1.7, an ...)
{DLA-1034-1}
- php7.1 <unfixed>
@@ -1084,12 +1080,7 @@
- php5 <removed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74819
NOTE: Fixed in 7.1.7, 7.0.21, 5.6.31
- NOTE: https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75
- NOTE: When fixing this CVE make sure to make the fix complete, as per
- NOTE: https://marc.info/?l=oss-security&m=149969403317810&w=2 to not
- NOTE: open CVE-2017-11146. Make sure to apply as well the following
- NOTE: commit:
- NOTE:
https://github.com/php/php-src/commit/e8b7698f5ee757ce2c8bd10a192a491a498f891c
+ NOTE: Fixed by:
https://github.com/php/php-src/commit/e8b7698f5ee757ce2c8bd10a192a491a498f891c
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
CVE-2017-1000362 (The re-key admin monitor was introduced in Jenkins 1.498 and
...)
- jenkins <removed>
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
