[Secure-testing-commits] r57807 - data/CVE

Roberto C. Sanchez Sat, 18 Nov 2017 19:57:07 -0800

Author: roberto
Date: 2017-11-19 03:56:43 +0000 (Sun, 19 Nov 2017)
New Revision: 57807


Modified:
   data/CVE/list
Log:
Note that CVE-2017-14107 also affects php5 and mark no-DSA in wheezy, not sure 
about jessie

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-19 03:55:53 UTC (rev 57806)
+++ data/CVE/list       2017-11-19 03:56:43 UTC (rev 57807)
@@ -8124,8 +8124,11 @@
        [stretch] - libzip <no-dsa> (Minor issue)
        [jessie] - libzip <no-dsa> (Minor issue)
        [wheezy] - libzip <no-dsa> (Minor issue)
+       - php5 <unfixed>
+       [wheezy] - php5 <no-dsa> (Minor issue)
        NOTE: 
https://blogs.gentoo.org/ago/2017/09/01/libzip-memory-allocation-failure-in-_zip_cdir_grow-zip_dirent-c/
        NOTE: 
https://github.com/nih-at/libzip/commit/9b46957ec98d85a572e9ef98301247f39338a3b5
+       NOTE: 
https://github.com/php/php-src/commit/f6e8ce812174343b5c9fd1860f9e2e2864428567
 CVE-2017-14105 (HiveManager Classic through 8.1r1 allows arbitrary JSP code 
execution ...)
        NOT-FOR-US: HiveManager
 CVE-2017-14104


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r57807 - data/CVE

Reply via email to