[Secure-testing-commits] r53453 - data/CVE

Salvatore Bonaccorso Thu, 13 Jul 2017 14:17:26 -0700

Author: carnil
Date: 2017-07-13 19:30:13 +0000 (Thu, 13 Jul 2017)
New Revision: 53453


Modified:
   data/CVE/list
Log:
Add information for CVE-2017-11146

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-07-13 19:27:19 UTC (rev 53452)
+++ data/CVE/list       2017-07-13 19:30:13 UTC (rev 53453)
@@ -170,7 +170,9 @@
 CVE-2017-11148
        RESERVED
 CVE-2017-11146 (In PHP through 5.6.31, 7.x through 7.0.21, and 7.1.x through 
7.1.7, ...)
-       TODO: check
+       - php7.1 <not-affected> (Incomplete fix for CVE-2017-11145 not applied)
+       - php7.0 <not-affected> (Incomplete fix for CVE-2017-11145 not applied)
+       - php5 <not-affected> (Incomplete fix for CVE-2017-11145 not applied)
 CVE-2017-11145 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 
7.1.7, lack ...)
        - php7.1 <unfixed>
        - php7.0 <unfixed>
@@ -178,6 +180,12 @@
        NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74819
        NOTE: Fixed in 7.1.7, 7.0.21, 5.6.31
        NOTE: https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75
+       NOTE: When fixing this CVE make sure to make the fix complete, as per
+       NOTE: https://marc.info/?l=oss-security&m=149969403317810&w=2 to not
+       NOTE: open CVE-2017-11146.
+       NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74819
+       NOTE: https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75
+       NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
 CVE-2017-1000362
        RESERVED
 CVE-2017-1000081


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r53453 - data/CVE

Reply via email to