Attachment #157875 for bug #200926

View | Details | Raw Unified | Return to bug 200926 | Differences between
Collapse All | Expand All





-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
  <vuln vid="cdff0af2-1492-11e5-a1cf-002590263bf5">
    <topic>php5 -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>php5</name>
	<name>php5-ftp</name>
	<name>php5-pgsql</name>
	<range><lt>5.4.42</lt></range>
      </package>
      <package>
	<name>php55</name>
	<name>php55-ftp</name>
	<name>php55-pgsql</name>
	<range><lt>5.5.26</lt></range>
      </package>
      <package>
	<name>php56</name>
	<name>php56-ftp</name>
	<name>php56-psql</name>
	<range><lt>5.6.10</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The PHP project reports:</p>
	<blockquote cite="http://php.net/archive/2015.php#id2015-06-11-4">
	  <p>The PHP development team announces the immediate availability of
	    PHP 5.4.42. Six security-related issues in PHP were fixed in this
	    release, as well as several security issues in bundled sqlite
	    library (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416). All PHP 5.4
	    users are encouraged to upgrade to this version.</p>
	</blockquote>
	<blockquote cite="http://php.net/archive/2015.php#id2015-06-11-1">
	  <p>The PHP development team announces the immediate availability of
	    PHP 5.5.26. Several bugs have been fixed as well as several security
	    issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415,
	    CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.5 users
	    are encouraged to upgrade to this version.</p>
	</blockquote>
	<blockquote cite="http://php.net/archive/2015.php#id2015-06-11-2">
	  <p>The PHP development team announces the immediate availability of
	    PHP 5.6.10. Several bugs have been fixed as well as several security
	    issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415,
	    CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.6 users
	    are encouraged to upgrade to this version.</p>
	</blockquote>
	<p>The CVE entries reported by the PHP project are not applicable as
	  the FreeBSD port defaults to linking to the port version of sqlite3
	  and pcre.</p>
      </body>
    </description>
    <references>
      <cvename>CVE-2015-4643</cvename>
      <cvename>CVE-2015-4644</cvename>
      <url>http://php.net/archive/2015.php#id2015-06-11-4</url>
      <url>http://php.net/archive/2015.php#id2015-06-11-1</url>
      <url>http://php.net/archive/2015.php#id2015-06-11-2</url>
      <mlist>http://openwall.com/lists/oss-security/2015/06/18/3</mlist>
    </references>
    <dates>
      <discovery>2015-06-11</discovery>
      <entry>2015-06-19</entry>
    </dates>
  </vuln>

  <vuln vid="2438d4af-1538-11e5-a106-3c970e169bc2">
    <topic>cURL -- Multiple Vulnerability</topic>
    <affects>

Return to bug 200926

Lines 57-62 Link Here

(-)vuln.xml (+65 lines)
57		57
58	-->	58	-->
59	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">	59	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
		60	<vuln vid="cdff0af2-1492-11e5-a1cf-002590263bf5">
		61	<topic>php5 -- multiple vulnerabilities</topic>
		62	<affects>
		63	<package>
		64	<name>php5</name>
		65	<name>php5-ftp</name>
		66	<name>php5-pgsql</name>
		67	<range><lt>5.4.42</lt></range>
		68	</package>
		69	<package>
		70	<name>php55</name>
		71	<name>php55-ftp</name>
		72	<name>php55-pgsql</name>
		73	<range><lt>5.5.26</lt></range>
		74	</package>
		75	<package>
		76	<name>php56</name>
		77	<name>php56-ftp</name>
		78	<name>php56-psql</name>
		79	<range><lt>5.6.10</lt></range>
		80	</package>
		81	</affects>
		82	<description>
		83	<body xmlns="http://www.w3.org/1999/xhtml">
		84	<p>The PHP project reports:</p>
		85	<blockquote cite="http://php.net/archive/2015.php#id2015-06-11-4">
		86	<p>The PHP development team announces the immediate availability of
		87	PHP 5.4.42. Six security-related issues in PHP were fixed in this
		88	release, as well as several security issues in bundled sqlite
		89	library (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416). All PHP 5.4
		90	users are encouraged to upgrade to this version.</p>
		91	</blockquote>
		92	<blockquote cite="http://php.net/archive/2015.php#id2015-06-11-1">
		93	<p>The PHP development team announces the immediate availability of
		94	PHP 5.5.26. Several bugs have been fixed as well as several security
		95	issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415,
		96	CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.5 users
		97	are encouraged to upgrade to this version.</p>
		98	</blockquote>
		99	<blockquote cite="http://php.net/archive/2015.php#id2015-06-11-2">
		100	<p>The PHP development team announces the immediate availability of
		101	PHP 5.6.10. Several bugs have been fixed as well as several security
		102	issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415,
		103	CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.6 users
		104	are encouraged to upgrade to this version.</p>
		105	</blockquote>
		106	<p>The CVE entries reported by the PHP project are not applicable as
		107	the FreeBSD port defaults to linking to the port version of sqlite3
		108	and pcre.</p>
		109	</body>
		110	</description>
		111	<references>
		112	<cvename>CVE-2015-4643</cvename>
		113	<cvename>CVE-2015-4644</cvename>
		114	<url>http://php.net/archive/2015.php#id2015-06-11-4</url>
		115	<url>http://php.net/archive/2015.php#id2015-06-11-1</url>
		116	<url>http://php.net/archive/2015.php#id2015-06-11-2</url>
		117	<mlist>http://openwall.com/lists/oss-security/2015/06/18/3</mlist>
		118	</references>
		119	<dates>
		120	<discovery>2015-06-11</discovery>
		121	<entry>2015-06-19</entry>
		122	</dates>
		123	</vuln>
124
60	<vuln vid="2438d4af-1538-11e5-a106-3c970e169bc2">	125	<vuln vid="2438d4af-1538-11e5-a106-3c970e169bc2">
61	<topic>cURL -- Multiple Vulnerability</topic>	126	<topic>cURL -- Multiple Vulnerability</topic>
62	<affects>	127	<affects>