Attachment #157848 for bug #200926

View | Details | Raw Unified | Return to bug 200926 | Differences between
Collapse All | Expand All





-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
  <vuln vid="cdff0af2-1492-11e5-a1cf-002590263bf5">
    <topic>php5 -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>php5</name>
	<range><lt>5.4.42</lt></range>
      </package>
      <package>
	<name>php55</name>
	<range><lt>5.5.26</lt></range>
      </package>
      <package>
	<name>php56</name>
	<range><lt>5.6.10</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The PHP project reports:</p>
	<blockquote cite="http://php.net/archive/2015.php#id2015-06-11-4">
	  <p>The PHP development team announces the immediate availability of
	    PHP 5.4.42. Six security-related issues in PHP were fixed in this
	    release, as well as several security issues in bundled sqlite
	    library (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416). All PHP 5.4
	    users are encouraged to upgrade to this version.</p>
	</blockquote>
	<blockquote cite="http://php.net/archive/2015.php#id2015-06-11-1">
	  <p>The PHP development team announces the immediate availability of
	    PHP 5.5.26. Several bugs have been fixed as well as several security
	    issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415,
	    CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.5 users
	    are encouraged to upgrade to this version.</p>
	</blockquote>
	<blockquote cite="http://php.net/archive/2015.php#id2015-06-11-2">
	  <p>The PHP development team announces the immediate availability of
	    PHP 5.6.10. Several bugs have been fixed as well as several security
	    issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415,
	    CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.6 users
	    are encouraged to upgrade to this version.</p>
	</blockquote>
	<p>The CVE entries reported by the PHP project are not applicable as
	  the FreeBSD port defaults to linking to the port version of sqlite3
	  and pcre.</p>
      </body>
    </description>
    <references>
      <url>http://php.net/archive/2015.php#id2015-06-11-4</url>
      <url>http://php.net/archive/2015.php#id2015-06-11-1</url>
      <url>http://php.net/archive/2015.php#id2015-06-11-2</url>
    </references>
    <dates>
      <discovery>2015-06-11</discovery>
      <entry>2015-06-18</entry>
    </dates>
  </vuln>

  <vuln vid="2438d4af-1538-11e5-a106-3c970e169bc2">
    <topic>cURL -- Multiple Vulnerability</topic>
    <affects>

Return to bug 200926

Lines 57-62 Link Here

(-)vuln.xml (+56 lines)
57		57
58	-->	58	-->
59	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">	59	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
		60	<vuln vid="cdff0af2-1492-11e5-a1cf-002590263bf5">
		61	<topic>php5 -- multiple vulnerabilities</topic>
		62	<affects>
		63	<package>
		64	<name>php5</name>
		65	<range><lt>5.4.42</lt></range>
		66	</package>
		67	<package>
		68	<name>php55</name>
		69	<range><lt>5.5.26</lt></range>
		70	</package>
		71	<package>
		72	<name>php56</name>
		73	<range><lt>5.6.10</lt></range>
		74	</package>
		75	</affects>
		76	<description>
		77	<body xmlns="http://www.w3.org/1999/xhtml">
		78	<p>The PHP project reports:</p>
		79	<blockquote cite="http://php.net/archive/2015.php#id2015-06-11-4">
		80	<p>The PHP development team announces the immediate availability of
		81	PHP 5.4.42. Six security-related issues in PHP were fixed in this
		82	release, as well as several security issues in bundled sqlite
		83	library (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416). All PHP 5.4
		84	users are encouraged to upgrade to this version.</p>
		85	</blockquote>
		86	<blockquote cite="http://php.net/archive/2015.php#id2015-06-11-1">
		87	<p>The PHP development team announces the immediate availability of
		88	PHP 5.5.26. Several bugs have been fixed as well as several security
		89	issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415,
		90	CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.5 users
		91	are encouraged to upgrade to this version.</p>
		92	</blockquote>
		93	<blockquote cite="http://php.net/archive/2015.php#id2015-06-11-2">
		94	<p>The PHP development team announces the immediate availability of
		95	PHP 5.6.10. Several bugs have been fixed as well as several security
		96	issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415,
		97	CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.6 users
		98	are encouraged to upgrade to this version.</p>
		99	</blockquote>
		100	<p>The CVE entries reported by the PHP project are not applicable as
		101	the FreeBSD port defaults to linking to the port version of sqlite3
		102	and pcre.</p>
		103	</body>
		104	</description>
		105	<references>
		106	<url>http://php.net/archive/2015.php#id2015-06-11-4</url>
		107	<url>http://php.net/archive/2015.php#id2015-06-11-1</url>
		108	<url>http://php.net/archive/2015.php#id2015-06-11-2</url>
		109	</references>
		110	<dates>
		111	<discovery>2015-06-11</discovery>
		112	<entry>2015-06-18</entry>
		113	</dates>
		114	</vuln>
		115
60	<vuln vid="2438d4af-1538-11e5-a106-3c970e169bc2">	116	<vuln vid="2438d4af-1538-11e5-a106-3c970e169bc2">
61	<topic>cURL -- Multiple Vulnerability</topic>	117	<topic>cURL -- Multiple Vulnerability</topic>
62	<affects>	118	<affects>