diff options
| author | Ondřej Surý <ondrej@sury.org> | 2014-06-30 14:59:33 +0200 |
|---|---|---|
| committer | Ondřej Surý <ondrej@sury.org> | 2014-06-30 14:59:33 +0200 |
| commit | 8aef43acc3ab6cc3cefb72bad1b81e61bafd44ee (patch) | |
| tree | d3604d328a4a0811fae4e8cdcae1a34e87003c31 | |
| parent | bcacb39c8d1e7b01f7ce4260f8299043591e883c (diff) | |
| download | php-debian/5.4.4-14+deb7u12.tar.gz | |
prepare 5.4.4-14+deb7u12 releasedebian/5.4.4-14+deb7u12
| -rw-r--r-- | debian/changelog | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog index e26a5db91..bc79da093 100644 --- a/debian/changelog +++ b/debian/changelog @@ -15,8 +15,14 @@ php5 (5.4.4-14+deb7u12) stable-security; urgency=high [ Ondřej Surý ] * Pull upstream fix for phpinfo() Type Confusion Information Leak (PHP#67498) - - -- Ondřej Surý <ondrej@debian.org> Mon, 30 Jun 2014 08:51:21 +0200 + * [CVE-2014-3515]: fix unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion + * [CVE-2014-0207]: fileinfo: cdf_read_short_sector insufficient boundary check + * [CVE-2014-3478]: fileinfo: mconvert incorrect handling of truncated pascal string size + * [CVE-2014-3479]: fileinfo: cdf_check_stream_offset insufficient boundary check + * [CVE-2014-3480]: fileinfo: cdf_count_chain insufficient boundary check + * [CVE-2014-3487]: fileinfo: cdf_read_property_info insufficient boundary check + + -- Ondřej Surý <ondrej@debian.org> Mon, 30 Jun 2014 14:55:00 +0200 php5 (5.4.4-14+deb7u11) stable-security; urgency=high |