author Salvatore Bonaccorso <carnil@debian.org> 2020-08-23 19:39:08 +0200
committer Salvatore Bonaccorso <carnil@debian.org> 2020-08-23 19:39:08 +0200
commit 41d7c650ad0ab35118aa07356d72df26fa66f0e0
tree 3624f86c05e5950f1b0a1def3056ab2874e410c9
parent 8b03458cc1e9bf5f12d4980c7f9e50e13d3ec43d
Replace git.php.net HTTP URLs with HTTPS URLs
-rw-r--r-- data/CVE/2012.list 4
-rw-r--r-- data/CVE/2013.list 12
-rw-r--r-- data/CVE/2014.list 24
-rw-r--r-- data/CVE/2015.list 52
-rw-r--r-- data/CVE/2016.list 48
-rw-r--r-- data/CVE/2017.list 12
-rw-r--r-- data/CVE/2018.list 2
-rw-r--r-- data/CVE/2019.list 6
-rw-r--r-- data/CVE/2020.list 8
9 files changed, 84 insertions, 84 deletions
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index 1f1e81a788..2a753a17db 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -1489,8 +1489,8 @@ CVE-2012-6114 (The git-changelog utility in git-extras 1.7.0 allows local users
CVE-2012-6113 (The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 thr ...)
- php5 5.4.0~beta2-1
[squeeze] - php5 <not-affected> (Introduced in 5.3.9)
- NOTE: Introduced in http://git.php.net/?p=php-src.git;a=commitdiff;h=095cbc48a8f0090f3b0abc6155f2b61943c9eafb
- NOTE: Fixed in 5.3.14 http://git.php.net/?p=php-src.git;a=commitdiff;h=270a406ac94b5fc5cc9ef59fc61e3b4b95648a3e
+ NOTE: Introduced in https://git.php.net/?p=php-src.git;a=commitdiff;h=095cbc48a8f0090f3b0abc6155f2b61943c9eafb
+ NOTE: Fixed in 5.3.14 https://git.php.net/?p=php-src.git;a=commitdiff;h=270a406ac94b5fc5cc9ef59fc61e3b4b95648a3e
NOTE: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1099793
NOTE: https://bugs.php.net/bug.php?id=61413
CVE-2012-6112 (classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellcheck ...)
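Review bot: The commit message does not record how the replacement was generated, and for a mechanical change like the two NOTE lines under CVE-2012-6113 that is what a reviewer needs. Both lines differ from their originals only in the scheme, with the h= hashes unchanged, which matches the 84 insertions and 84 deletions in the diffstat; adding the exact substitution command to the message would let anyone re-run it and confirm nothing else was touched.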
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index da95954d82..9333c7dc0d 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -2151,7 +2151,7 @@ CVE-2013-6713 (The Data Protection for VMware component in IBM Tivoli Storage Ma
CVE-2013-6712 (The scan function in ext/date/lib/parse_iso_intervals.c in PHP through ...)
{DSA-2816-1}
- php5 5.5.6+dfsg-2 (bug #731112)
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=12fe4e90be7bfa2a763197079f68f5568a14e071
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=12fe4e90be7bfa2a763197079f68f5568a14e071
CVE-2013-6711 (Cross-site scripting (XSS) vulnerability in the product-creation admin ...)
NOT-FOR-US: Cisco
CVE-2013-6710 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Trainin ...)
@@ -3032,7 +3032,7 @@ CVE-2013-6421 (The unpack_zip function in archive_unpacker.rb in the sprout gem
CVE-2013-6420 (The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP befor ...)
{DSA-2816-1}
- php5 5.5.6+dfsg-2 (bug #731895)
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c1224573c773b6845e83505f717fbf820fc18415
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=c1224573c773b6845e83505f717fbf820fc18415
CVE-2013-6419 (Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 ...)
- neutron 2013.2.1-1
- nova 2013.2.1-1
@@ -14007,7 +14007,7 @@ CVE-2013-2110 (Heap-based buffer overflow in the php_quot_print_encode function
[wheezy] - php5 <not-affected> (Vulnerable code not present)
[squeeze] - php5 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/php/php-src/commit/93e0d78ec655f59ebfa82b2c6f8486c43651c1d0
- NOTE: vulnerability introduced with commit http://git.php.net/?p=php-src.git;a=commitdiff;h=18bb426587d62f93c54c40bf8535eb8416603629
+ NOTE: vulnerability introduced with commit https://git.php.net/?p=php-src.git;a=commitdiff;h=18bb426587d62f93c54c40bf8535eb8416603629
CVE-2013-2109 (WordPress plugin wp-cleanfix has Remote Code Execution ...)
NOT-FOR-US: WordPress plugin wp-cleanfix
CVE-2013-2108 (WordPress WP Cleanfix Plugin 2.4.4 has CSRF ...)
@@ -14976,7 +14976,7 @@ CVE-2013-1824 (The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allo
{DSA-2639-1}
- php5 5.4.4-14
NOTE: See CVE-2013-1643
- NOTE: http://git.php.net/?p=web/php.git;a=commitdiff;h=e8432b34ee7a196a14a6e0191a00fe73b5a095e7
+ NOTE: https://git.php.net/?p=web/php.git;a=commitdiff;h=e8432b34ee7a196a14a6e0191a00fe73b5a095e7
CVE-2013-1823 (Cross-site scripting (XSS) vulnerability in the Notifications form in ...)
NOT-FOR-US: Katello
CVE-2013-1822 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x ...)
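Review bot: The reference under CVE-2013-1824 is worth a second look while it is being touched: it points at p=web/php.git, whereas the other git.php.net notes in this file's hunks (for example CVE-2013-1643, which this entry cross-references) point at p=php-src.git. The scheme change itself is correct; please confirm that the web/php.git commit is the intended reference for this entry.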
@@ -15732,7 +15732,7 @@ CVE-2013-1644
CVE-2013-1643 (The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows re ...)
{DSA-2639-1}
- php5 5.4.4-14 (bug #702221)
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=c737b89473df9dba6742b8fc8fbf6d009bf05c36
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=c737b89473df9dba6742b8fc8fbf6d009bf05c36
CVE-2013-1642 (Multiple cross-site scripting (XSS) vulnerabilities in QuiXplorer befo ...)
NOT-FOR-US: QuiXplorer
CVE-2013-1641 (Directory traversal vulnerability in the zip download functionality in ...)
@@ -15753,7 +15753,7 @@ CVE-2013-1635 (ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does
{DSA-2639-1}
- php5 5.4.4-14 (unimportant; bug #702221)
NOTE: open_basedir not supported
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=702b436ef470cc02f8e2cc21f2fadeee42103c74
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=702b436ef470cc02f8e2cc21f2fadeee42103c74
CVE-2013-1634 (A denial of service vulnerability exists in some motherboard implement ...)
NOT-FOR-US: Intel
CVE-2013-1633 (easy_install in setuptools before 0.7 uses HTTP to retrieve packages f ...)
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index be349e9ee2..d796d043ba 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -2025,8 +2025,8 @@ CVE-2014-9709 (The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as
NOTE: https://bugs.php.net/bug.php?id=68601
NOTE: Fix in libgd2: https://bitbucket.org/libgd/gd-libgd/commits/47eb44b2e90ca88a08dca9f9a1aa9041e9587f43
NOTE: Also related: https://bitbucket.org/libgd/gd-libgd/commits/81e9a993f2893d651d225646378e3fd1b7465467
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=07b5896a1389c3e865cbd2fb353806b2cefe4f5c
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=5fc2fede9c7c963c950d8b96dcc0f7af88b4d695
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=07b5896a1389c3e865cbd2fb353806b2cefe4f5c
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=5fc2fede9c7c963c950d8b96dcc0f7af88b4d695
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd, the embedded copy was fixed upstream in 5.6.5
NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/469990b43c294692493f15f8400560fe5d966a02
CVE-2014-9701 (Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.19 and ...)
@@ -3108,7 +3108,7 @@ CVE-2014-9427 (sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5
- php5 5.6.5+dfsg-1
[squeeze] - php5 <not-affected> (Introduced in 5.4.1)
NOTE: https://bugs.php.net/bug.php?id=68618
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=f9ad3086693fce680fbe246e4a45aa92edd2ac35
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=f9ad3086693fce680fbe246e4a45aa92edd2ac35
CVE-2014-XXXX [CRAM-MD5 authentication bypass]
- dbmail <not-affected> (Only affects versions supporting cram-md5, so 3.0.0 and later)
NOTE: http://blog.gmane.org/gmane.mail.imap.dbmail/day=20141219
@@ -5278,7 +5278,7 @@ CVE-2014-8627 (PolarSSL 1.3.8 does not properly negotiate the signature algorith
CVE-2014-8626 (Stack-based buffer overflow in the date_from_ISO8601 function in ext/x ...)
- php5 5.2.9.dfsg.1-1
NOTE: https://bugs.php.net/bug.php?id=45226
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c818d0d01341907fee82bdb81cab07b7d93bb9db
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=c818d0d01341907fee82bdb81cab07b7d93bb9db
CVE-2014-8625 (Multiple format string vulnerabilities in the parse_error_msg function ...)
- dpkg 1.17.22 (unimportant; bug #768485)
[wheezy] - dpkg 1.16.16
@@ -6119,12 +6119,12 @@ CVE-2014-8764 (DokuWiki 2014-05-05a and earlier, when using Active Directory for
{DSA-3059-1 DLA-79-1}
- dokuwiki 0.0.20140929.a-1 (bug #766545)
[jessie] - dokuwiki <not-affected> (PHP 5.6 in jessie fixes this on the PHP level, see #766545)
- NOTE: Fix at PHP level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c
+ NOTE: Fix at PHP level: https://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c
CVE-2014-8763 (DokuWiki before 2014-05-05b, when using Active Directory for LDAP auth ...)
{DSA-3059-1 DLA-79-1}
- dokuwiki 0.0.20140929.a-1 (bug #766545)
[jessie] - dokuwiki <not-affected> (PHP 5.6 in jessie fixes this on the PHP level, see #766545)
- NOTE: Fix at PHP level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c
+ NOTE: Fix at PHP level: https://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c
CVE-2014-8762 (The ajax_mediadiff function in DokuWiki before 2014-05-05a allows remo ...)
{DSA-3059-1}
- dokuwiki 0.0.20140505.a+dfsg-1 (bug #766545)
@@ -6573,8 +6573,8 @@ CVE-2014-8143 (Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before
CVE-2014-8142 (Use-after-free vulnerability in the process_nested_data function in ex ...)
{DSA-3117-1}
- php5 5.6.5+dfsg-1 (unimportant)
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=630f9c33c23639de85c3fd306b209b538b73b4c9
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=53f129a44d3c4ec0fae57993b9ae2f6cb48973cc
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=630f9c33c23639de85c3fd306b209b538b73b4c9
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=53f129a44d3c4ec0fae57993b9ae2f6cb48973cc
NOTE: Only affects an inherently insecure use case
CVE-2014-8141 (Heap-based buffer overflow in the getZip64Data function in Info-ZIP Un ...)
{DSA-3113-1 DLA-124-1}
@@ -14749,7 +14749,7 @@ CVE-2014-4699 (The Linux kernel before 3.15.4 on Intel processors does not prope
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a
CVE-2014-4698 (Use-after-free vulnerability in ext/spl/spl_array.c in the SPL compone ...)
- php5 5.6.0~rc3+dfsg-1 (unimportant)
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=22882a9d89712ff2b6ebc20a689a89452bba4dcd
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=22882a9d89712ff2b6ebc20a689a89452bba4dcd
NOTE: https://bugs.php.net/bug.php?id=67539
NOTE: exploitable by malicious scripts only
CVE-2014-4697
@@ -14808,7 +14808,7 @@ CVE-2014-4670 (Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL c
{DSA-3008-1}
- php5 5.6.0~rc3+dfsg-1 (unimportant)
NOTE: exploitable by malicious scripts only
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=df78c48354f376cf419d7a97f88ca07d572f00fb
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=df78c48354f376cf419d7a97f88ca07d572f00fb
NOTE: https://bugs.php.net/bug.php?id=67538
CVE-2014-4669 (HP Enterprise Maps 1.00 allows remote authenticated users to read arbi ...)
NOT-FOR-US: HP Enterprise Maps
@@ -17075,7 +17075,7 @@ CVE-2014-3710 (The donote function in readelf.c in file through 5.20, as used in
NOTE: Upstream fix: https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0
- php5 5.6.3+dfsg-1 (bug #768807)
NOTE: https://bugs.php.net/bug.php?id=68283
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=1803228597e82218a8c105e67975bc50e6f5bf0d (PHP 5.4 branch)
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=1803228597e82218a8c105e67975bc50e6f5bf0d (PHP 5.4 branch)
CVE-2014-3709 (The org.keycloak.services.resources.SocialResource.callback method in ...)
NOT-FOR-US: JBoss KeyCloak
CVE-2014-3708 (OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 ...)
@@ -21571,7 +21571,7 @@ CVE-2014-2270 (softmagic.c in file before 5.17 and libmagic allows context-depen
NOTE: http://bugs.gw.com/view.php?id=313
NOTE: https://github.com/glensc/file/commit/447558595a3650db2886cd2f416ad0beba965801
- php5 5.5.10+dfsg-1 (bug #740960)
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
CVE-2014-5795
REJECTED
CVE-2014-2245 (SQL injection vulnerability in the News module in CMS Made Simple (CMS ...)
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index d8754d335f..b724f87810 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -1761,7 +1761,7 @@ CVE-2015-8866 (ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6,
NOTE: https://bugs.php.net/bug.php?id=64938
NOTE: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1509817
NOTE: http://framework.zend.com/security/advisory/ZF2015-06 -> Relation to CVE-2015-5161
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=de31324c221c1791b26350ba106cc26bad23ace9
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=de31324c221c1791b26350ba106cc26bad23ace9
NOTE: Fixed in 5.6.6, 5.5.22
NOTE: http://www.openwall.com/lists/oss-security/2016/04/21/8
CVE-2015-8867 (The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in P ...)
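Review bot: The CVE-2015-8866 entry still carries two plain-HTTP references in its context lines, http://framework.zend.com/security/advisory/ZF2015-06 and http://www.openwall.com/lists/oss-security/2016/04/21/8, so after this change the entry mixes schemes. That is consistent with the commit's stated scope of git.php.net only; a follow-up commit per host, once each is confirmed to serve the same path over HTTPS, would finish the job.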
@@ -1771,7 +1771,7 @@ CVE-2015-8867 (The openssl_random_pseudo_bytes function in ext/openssl/openssl.c
[wheezy] - php5 5.4.44-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=70014
NOTE: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1534203
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=16023f3e3b9c06cf677c3c980e8d574e4c162827
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=16023f3e3b9c06cf677c3c980e8d574e4c162827
NOTE: Fixed in 7.0.0, 5.6.12, 5.5.28, 5.5.44
NOTE: http://www.openwall.com/lists/oss-security/2016/04/21/8
CVE-2015-8853 (The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in ...)
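Review bot: Not introduced here, but the context line "NOTE: Fixed in 7.0.0, 5.6.12, 5.5.28, 5.5.44" under CVE-2015-8867 lists two 5.5.x releases, while the wheezy line just above it records 5.4.44-0+deb7u1. The last version looks like it should read 5.4.44; worth checking and correcting in a separate commit so this one stays a pure URL change.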
@@ -1849,7 +1849,7 @@ CVE-2015-8865 (The file_check_mem function in funcs.c in file before 5.23, as us
NOTE: http://bugs.gw.com/view.php?id=522
NOTE: https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36
NOTE: https://bugs.php.net/bug.php?id=71527
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=fe13566c93f118a15a96320a546c7878fd0cfc5e
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=fe13566c93f118a15a96320a546c7878fd0cfc5e
NOTE: PHP fixed in 7.0.5, 5.6.20, 5.5.34
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/4e614ba041e24af8351afbb49c92444c0850f23b
@@ -2106,7 +2106,7 @@ CVE-2015-XXXX [Type Confusion Vulnerability in PHP_to_XMLRPC_worker()]
[jessie] - php5 5.6.17+dfsg-0+deb8u1
[wheezy] - php5 5.4.45-0+deb7u4
NOTE: Workaround entry for DLA-533-1 until CVE is assigned
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=f3c1863aa2721343245b63ac7bd68cfdc3dd41f3
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=f3c1863aa2721343245b63ac7bd68cfdc3dd41f3
NOTE: https://bugs.php.net/bug.php?id=70728
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/03/3
CVE-2015-XXXX [Session WDDX Packet Deserialization Type Confusion Vulnerability]
@@ -8992,7 +8992,7 @@ CVE-2015-6673 (Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15
NOTE: https://sourceforge.net/p/libpgf/code/148/
CVE-2015-6527 (The php_str_replace_in_subject function in ext/standard/string.c in PH ...)
- php5 <not-affected> (Specific to PHP 7)
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5
NOTE: https://bugs.php.net/bug.php?id=70140
CVE-2015-6521 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor LMS vers ...)
NOT-FOR-US: ATutor
@@ -11478,13 +11478,13 @@ CVE-2015-5590 (Stack-based buffer overflow in the phar_fix_filepath function in
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69923
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=6dedeb40db13971af45276f80b5375030aa7e76f
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=6dedeb40db13971af45276f80b5375030aa7e76f
NOTE: Fixed in 5.6.11, 5.4.43
CVE-2015-5589 (The phar_convert_to_other function in ext/phar/phar_object.c in PHP be ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69958
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=bf58162ddf970f63502837f366930e44d6a992cf
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=bf58162ddf970f63502837f366930e44d6a992cf
NOTE: Fixed in 5.6.11, 5.4.43
CVE-2015-5536 (Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.1 ...)
NOT-FOR-US: Belkin router
@@ -14117,21 +14117,21 @@ CVE-2015-4645 (Integer overflow in the read_fragment_table_4 function in unsquas
CVE-2015-4642 (The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.4 ...)
- php5 <not-affected> (Windows specific)
NOTE: https://bugs.php.net/bug.php?id=69646
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=d2ac264ffea5ca2e85640b6736e0c7cd4ee9a4a9
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=d2ac264ffea5ca2e85640b6736e0c7cd4ee9a4a9
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
CVE-2015-4643 (Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP b ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: Fixed in 5.6.10 / 5.5.26 / 5.4.42
NOTE: https://bugs.php.net/bug.php?id=69545#1431550655
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=0765623d6991b62ffcd93ddb6be8a5203a2fa7e2
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=0765623d6991b62ffcd93ddb6be8a5203a2fa7e2
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
CVE-2015-4644 (The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgs ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: Fixed in 5.6.10 / 5.5.26 / 5.4.42
NOTE: https://bugs.php.net/bug.php?id=69667
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
CVE-2015-4639 (Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl ...)
NOT-FOR-US: Koha
@@ -14617,21 +14617,21 @@ CVE-2015-4602 (The __PHP_Incomplete_Class function in ext/standard/incomplete_cl
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=fb83c76deec58f1fab17c350f04c9f042e5977d1
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=fb83c76deec58f1fab17c350f04c9f042e5977d1
NOTE: https://bugs.php.net/bug.php?id=69152
CVE-2015-4601 (PHP before 5.6.7 might allow remote attackers to cause a denial of ser ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8
NOTE: https://bugs.php.net/bug.php?id=69152
CVE-2015-4600 (The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.2 ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8
NOTE: https://bugs.php.net/bug.php?id=69152
CVE-2015-4599 (The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4. ...)
{DLA-307-1}
@@ -14639,7 +14639,7 @@ CVE-2015-4599 (The SoapFault::__toString method in ext/soap/soap.c in PHP before
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69152
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=51856a76f87ecb24fe1385342be43610fb6c86e4
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=51856a76f87ecb24fe1385342be43610fb6c86e4
CVE-2015-4598 (PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does n ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
@@ -15869,7 +15869,7 @@ CVE-2015-4021 (The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5
{DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69453
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c27f012b7a447e59d4a704688971cbfa7dddaa74
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=c27f012b7a447e59d4a704688971cbfa7dddaa74
NOTE: http://www.openwall.com/lists/oss-security/2015/05/17/2 and http://www.openwall.com/lists/oss-security/2015/05/18/2
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
CVE-2015-3987 (Multiple unquoted Windows search path vulnerabilities in the (1) Clien ...)
@@ -17334,8 +17334,8 @@ CVE-2015-3412 (PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 do
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=52b93f0cfd3cba7ff98cc5198df6ca4f23865f80
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=4435b9142ff9813845d5c97ab29a5d637bedb257
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=52b93f0cfd3cba7ff98cc5198df6ca4f23865f80
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=4435b9142ff9813845d5c97ab29a5d637bedb257
NOTE: https://bugs.php.net/bug.php?id=69353
CVE-2015-3411 (PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does no ...)
{DLA-307-1}
@@ -17655,7 +17655,7 @@ CVE-2015-3330 (The php_handler function in sapi/apache2handler/sapi_apache2.c in
- php5 5.6.7+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69218
NOTE: https://bugs.php.net/bug.php?id=68486
- NOTE: Fixed by: http://git.php.net/?p=php-src.git;a=commit;h=809610f5ea38a83b284e1125d1fff129bdd615e7
+ NOTE: Fixed by: https://git.php.net/?p=php-src.git;a=commit;h=809610f5ea38a83b284e1125d1fff129bdd615e7
NOTE: http://www.openwall.com/lists/oss-security/2015/04/17/3
NOTE: For details on scope of the CVE assignment: http://www.openwall.com/lists/oss-security/2015/04/17/7
CVE-2015-3319 (Hotspot Express hotEx Billing Manager 73 does not include the HTTPOnly ...)
@@ -17678,11 +17678,11 @@ CVE-2015-3307 (The phar_parse_metadata function in ext/phar/phar.c in PHP before
{DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69443
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=17cbd0b5b78a7500f185b3781a2149881bfff8ae
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=17cbd0b5b78a7500f185b3781a2149881bfff8ae
CVE-2015-3329 (Multiple stack-based buffer overflows in the phar_set_inode function i ...)
{DSA-3280-1 DLA-212-1}
- php5 5.6.9+dfsg-1
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c
NOTE: https://bugs.php.net/bug.php?id=69441
NOTE: http://www.openwall.com/lists/oss-security/2015/04/16/22
NOTE: Fixed in 5.6.8 and 5.4.40
@@ -19321,7 +19321,7 @@ CVE-2015-2783 (ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.
{DSA-3280-1 DLA-212-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69324
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=17cbd0b5b78a7500f185b3781a2149881bfff8ae
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=17cbd0b5b78a7500f185b3781a2149881bfff8ae
NOTE: Fixed in 5.6.8 and 5.4.40
CVE-2015-2781 (Cross-site scripting (XSS) vulnerability in cgi-bin/hotspotlogin.cgi i ...)
NOT-FOR-US: Hotspot Express hotEx Billing Manager
@@ -20956,7 +20956,7 @@ CVE-2015-2301 (Use-after-free vulnerability in the phar_rename_archive function
{DSA-3198-1 DLA-212-1}
- php5 5.6.6+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68901
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=b2cf3f064b8f5efef89bb084521b61318c71781b
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=b2cf3f064b8f5efef89bb084521b61318c71781b
NOTE: http://www.openwall.com/lists/oss-security/2015/03/10/6
CVE-2015-2265 (The remove_bad_chars function in utils/cups-browsed.c in cups-filters ...)
- cups-filters 1.0.61-5 (bug #780267)
@@ -25669,13 +25669,13 @@ CVE-2015-1352 (The build_tablename function in pgsql.c in the PostgreSQL (aka pg
- php5 5.6.6+dfsg-2 (bug #777036)
[squeeze] - php5 <not-affected> (vulnerable code (build_tablename()) introduced later)
NOTE: https://bugs.php.net/bug.php?id=68741
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=124fb22a13fafa3648e4e15b4f207c7096d8155e
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=124fb22a13fafa3648e4e15b4f207c7096d8155e
CVE-2015-1351 (Use-after-free vulnerability in the _zend_shared_memdup function in ze ...)
- php5 5.6.6+dfsg-2 (bug #777033)
[squeeze] - php5 <not-affected> (opcache introduced in 5.5)
[wheezy] - php5 <not-affected> (opcache introduced in 5.5)
NOTE: https://bugs.php.net/bug.php?id=68677
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=777c39f4042327eac4b63c7ee87dc1c7a09a3115
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=777c39f4042327eac4b63c7ee87dc1c7a09a3115
CVE-2015-XXXX [insecure keyring handling]
- weboob 1.0-3 (low; bug #774838)
[wheezy] - weboob <no-dsa> (Minor issue)
@@ -26527,8 +26527,8 @@ CVE-2015-0273 (Multiple use-after-free vulnerabilities in ext/date/php_date.c in
{DSA-3195-1}
- php5 5.6.6+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68942
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c377f1a715476934133f3254d1e0d4bf3743e2d2
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=71335e6ebabc1b12c057d8017fd811892ecdfd24
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=c377f1a715476934133f3254d1e0d4bf3743e2d2
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=71335e6ebabc1b12c057d8017fd811892ecdfd24
CVE-2015-0272 (GNOME NetworkManager allows remote attackers to cause a denial of serv ...)
- network-manager 1.0.4-1
[jessie] - network-manager <no-dsa> (Will be fixed on the kernel side)
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index e95d3db79c..2e0e2178e1 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -1591,7 +1591,7 @@ CVE-2016-10397 (In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling o
[jessie] - php5 5.6.28+dfsg-0+deb8u1
NOTE: PHP bug: https://bugs.php.net/bug.php?id=73192
NOTE: Fixed in 7.1.0, 7.0.13, 5.6.28
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=b061fa909de77085d3822a89ab901b934d0362c4
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=b061fa909de77085d3822a89ab901b934d0362c4
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
CVE-2016-10396 (The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable ...)
{DLA-1044-1}
@@ -7165,7 +7165,7 @@ CVE-2016-9137 (Use-after-free vulnerability in the CURLFile implementation in ex
- php5 <removed>
[wheezy] - php5 <not-affected> (Vulnerable code not present in version 5.4.45)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73147
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=0e6fe3a4c96be2d3e88389a5776f878021b4c59f
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=0e6fe3a4c96be2d3e88389a5776f878021b4c59f
NOTE: Fixed in 7.0.12, 5.6.27
NOTE: http://www.openwall.com/lists/oss-security/2016/10/18/1
CVE-2016-8673 (A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl ...)
@@ -10446,8 +10446,8 @@ CVE-2016-7479 (In all versions of PHP 7, during the unserialization process, res
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72610
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73092
NOTE: Fixed in 7.0.15
- NOTE: PHP 5.x/7.x: http://git.php.net/?p=php-src.git;a=commit;h=0426b916df396a23e5c34514e4f2f0627efdcdf0
- NOTE: PHP 7.x: http://git.php.net/?p=php-src.git;a=commit;h=b47c49d7a00bc34d7e0f3d72732f66e904da6fa7
+ NOTE: PHP 5.x/7.x: https://git.php.net/?p=php-src.git;a=commit;h=0426b916df396a23e5c34514e4f2f0627efdcdf0
+ NOTE: PHP 7.x: https://git.php.net/?p=php-src.git;a=commit;h=b47c49d7a00bc34d7e0f3d72732f66e904da6fa7
NOTE: The change is in 5.6+, even though the property table issue only affects
NOTE: PHP 7, because this also prevents a wide range of other __wakeup() based
NOTE: attacks.
@@ -10457,7 +10457,7 @@ CVE-2016-7478 (Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x
- php7.0 7.0.13-1
- php5 <removed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73093
- NOTE: Patch for 5.6.x: http://git.php.net/?p=php-src.git;a=commit;h=40e7baab3c90001beee4c8f0ed0ef79ad18ee0d6 (5.6.28)
+ NOTE: Patch for 5.6.x: https://git.php.net/?p=php-src.git;a=commit;h=40e7baab3c90001beee4c8f0ed0ef79ad18ee0d6 (5.6.28)
NOTE: backported patch for 5.4: https://lists.debian.org/87efysy07p.fsf@curie.anarc.at
CVE-2016-7477 (The ff_put_pixels8_xy2_mmx function in rnd_template.c in Libav 11.7 al ...)
- libav <removed> (unimportant)
@@ -14214,14 +14214,14 @@ CVE-2016-6297 (Integer overflow in the php_stream_zip_opener function in ext/zip
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72520
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=81406c0c1d45f75fcc7972ed974d2597abb0b9e9
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=81406c0c1d45f75fcc7972ed974d2597abb0b9e9
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6296 (Integer signedness error in the simplestring_addn function in simplest ...)
{DSA-3631-1 DLA-2011-1 DLA-628-1 DLA-569-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72606
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=e6c48213c22ed50b2b987b479fcc1ac709394caa
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=e6c48213c22ed50b2b987b479fcc1ac709394caa
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
- xmlrpc-epi 0.54.2-1.2 (bug #832959)
NOTE: In stretch/sid php7.0 is using the system library not the embedded one.
@@ -14230,14 +14230,14 @@ CVE-2016-6295 (ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72479
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=cab1c3b3708eead315e033359d07049b23b147a3
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=cab1c3b3708eead315e033359d07049b23b147a3
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6294 (The locale_accept_from_http function in ext/intl/locale/locale_methods ...)
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72533
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6293 (The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in Interna ...)
{DSA-3725-1 DLA-615-1}
@@ -14251,28 +14251,28 @@ CVE-2016-6292 (The exif_process_user_comment function in ext/exif/exif.c in PHP
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72618
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=41131cd41d2fd2e0c2f332a27988df75659c42e4
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=41131cd41d2fd2e0c2f332a27988df75659c42e4
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6291 (The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP b ...)
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72603
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=eebcbd5de38a0f1c2876035402cb770e37476519
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=eebcbd5de38a0f1c2876035402cb770e37476519
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6290 (ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7 ...)
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72562
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=3798eb6fd5dddb211b01d41495072fd9858d4e32
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=3798eb6fd5dddb211b01d41495072fd9858d4e32
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6289 (Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_ ...)
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72513
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=0218acb7e756a469099c4ccfb22bce6c2bd1ef87
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=0218acb7e756a469099c4ccfb22bce6c2bd1ef87
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
CVE-2016-6271 (The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the- ...)
- bzrtp 1.0.2-1.2 (bug #859277)
@@ -15950,42 +15950,42 @@ CVE-2016-5773 (php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72434
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=f6aef68089221c5ea047d4a74224ee3deead99a6
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=f6aef68089221c5ea047d4a74224ee3deead99a6
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
CVE-2016-5772 (Double free vulnerability in the php_wddx_process_data function in wdd ...)
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72340
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
CVE-2016-5771 (spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before ...)
{DSA-3618-1 DLA-628-1}
- php7.0 <not-affected> (Does not affect PHP 7.x)
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72433
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c
NOTE: Fixed in 5.5.37, 5.6.23
CVE-2016-5770 (Integer overflow in the SplFileObject::fread function in spl_directory ...)
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72262
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=7245bff300d3fa8bacbef7897ff080a6f1c23eba
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=7245bff300d3fa8bacbef7897ff080a6f1c23eba
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
CVE-2016-5769 (Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP ...)
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72455
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=6c5211a0cef0cc2854eaa387e0eb036e012904d0
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=6c5211a0cef0cc2854eaa387e0eb036e012904d0
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
CVE-2016-5768 (Double free vulnerability in the _php_mb_regex_ereg_replace_exec funct ...)
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72402
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=5b597a2e5b28e2d5a52fc1be13f425f08f47cb62
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=5b597a2e5b28e2d5a52fc1be13f425f08f47cb62
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
CVE-2016-5767 (Integer overflow in the gdImageCreate function in gd.c in the GD Graph ...)
- php7.0 7.0.8-1 (unimportant)
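Review bot: The CVE-2016-5772 and CVE-2016-5771 entries in this hunk both link commitdiff h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c, although they reference different PHP bugs (72340 for the WDDX double free, 72433 for spl_array.c). Carrying the hash over unchanged is right for a mechanical scheme replacement, but a follow-up should confirm that this one commit fixes both issues, or correct the entry whose hash was copied, so the tracker does not point triagers at the wrong fix.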
@@ -15993,7 +15993,7 @@ CVE-2016-5767 (Integer overflow in the gdImageCreate function in gd.c in the GD
[jessie] - php5 5.6.23+dfsg-0+deb8u1
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72446
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
- libgd2 2.0.34~rc1-1
NOTE: Fixed by: https://github.com/libgd/libgd/commit/cfee163a5e848fc3e3fb1d05a30d7557cdd36457 (GD_2_0_34RC1)
@@ -16004,7 +16004,7 @@ CVE-2016-5766 (Integer overflow in the _gd2GetHeader function in gd_gd2.c in the
[jessie] - php5 5.6.23+dfsg-0+deb8u1
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72339
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=7722455726bec8c53458a32851d2a87982cf0eac
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=7722455726bec8c53458a32851d2a87982cf0eac
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
- libgd2 2.2.2-29-g3c2b605-1 (bug #829014)
NOTE: https://github.com/libgd/libgd/issues/243
@@ -20092,7 +20092,7 @@ CVE-2016-4473 (/ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote atta
NOTE: The issue was introduced as part CVE-2015-6833, which was applied upstream
NOTE: in versions 5.4.44, 5.5.28, and 5.6.12.
NOTE: https://bugs.php.net/bug.php?id=72321
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=d144590d38fa321b46b8e199c754006318985c84
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=d144590d38fa321b46b8e199c754006318985c84
NOTE: Fixed in 5.6.23
CVE-2016-4472 (The overflow protection in Expat is removed by compilers with certain ...)
{DSA-3582-1 DLA-483-1}
@@ -23481,7 +23481,7 @@ CVE-2016-3133
CVE-2016-3132 (Double free vulnerability in the SplDoublyLinkedList::offsetSet functi ...)
- php7.0 7.0.6-1
NOTE: https://bugs.php.net/bug.php?id=71735
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=28a6ed9f9a36b9c517e4a8a429baf4dd382fc5d5
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=28a6ed9f9a36b9c517e4a8a429baf4dd382fc5d5
CVE-2016-3131 (Cloudera CDH before 5.6.1 allows authorization bypass via direct inter ...)
NOT-FOR-US: Cloudera
CVE-2016-3130 (An information disclosure vulnerability in the Core and Management Con ...)
@@ -26072,7 +26072,7 @@ CVE-2016-XXXX [Integer overflow in iptcembed()]
NOTE: temporary workaround until CVE assigned to explitly tag for squeeze
NOTE: https://bugs.php.net/bug.php?id=71459
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305518
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=54c210d2ea9b8539edcde1888b1104b96b38e886
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=54c210d2ea9b8539edcde1888b1104b96b38e886
NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
- hhvm 3.12.1+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/381702ffbfdae170ba3fff97d6cc1b9c69666854
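Review bot: The context line at the top of this hunk, `NOTE: temporary workaround until CVE assigned to explitly tag for squeeze`, misspells "explicitly". It is outside the scope of the URL replacement, but the entry is being touched here, so a follow-up typo fix would keep the note searchable.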
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index aae7b7abd0..c1a0d25301 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -23014,7 +23014,7 @@ CVE-2017-11147 (In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive han
[jessie] - php5 5.6.30+dfsg-0+deb8u1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73773
NOTE: Fixed in 7.1.1, 7.0.15, 5.6.30
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=e5246580a85f031e1a3b8064edbaa55c1643a451
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=e5246580a85f031e1a3b8064edbaa55c1643a451
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
CVE-2017-11144 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the o ...)
{DSA-4081-1 DSA-4080-1 DLA-1034-1}
@@ -23023,9 +23023,9 @@ CVE-2017-11144 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7,
- php5 <removed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74651
NOTE: Fixed in 7.1.7, 7.0.21, 5.6.31
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=89637c6b41b510c20d262c17483f582f115c66d6
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=73cabfedf519298e1a11192699f44d53c529315e
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=91826a311dd37f4c4e5d605fa7af331e80ddd4c3
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=89637c6b41b510c20d262c17483f582f115c66d6
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=73cabfedf519298e1a11192699f44d53c529315e
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=91826a311dd37f4c4e5d605fa7af331e80ddd4c3
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
CVE-2017-11143 (In PHP before 5.6.31, an invalid free in the WDDX deserialization of b ...)
{DSA-4081-1 DLA-1034-1}
@@ -23033,8 +23033,8 @@ CVE-2017-11143 (In PHP before 5.6.31, an invalid free in the WDDX deserializatio
- php7.0 <not-affected> (Only affected 5.6)
- php5 <removed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74145
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=2aae60461c2ff7b7fbcdd194c789ac841d0747d7
- NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=f269cdcd4f76accbecd03884f327cffb9a7f1ca9
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=2aae60461c2ff7b7fbcdd194c789ac841d0747d7
+ NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=f269cdcd4f76accbecd03884f327cffb9a7f1ca9
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
CVE-2017-11142 (In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remot ...)
{DSA-4081-1}
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index ef243ccada..e6ba594409 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -22044,7 +22044,7 @@ CVE-2018-12882 (exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.
- php7.0 <not-affected> (Specific to 7.2.x)
- php5 <not-affected> (Specific to 7.2.x)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76409
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=3fdde65617e9f954e2c964768aac8831005497e5
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=3fdde65617e9f954e2c964768aac8831005497e5
CVE-2018-12881 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
CVE-2018-12880 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 366a90c96c..adf1ca9719 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -25825,7 +25825,7 @@ CVE-2019-11046 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0
- php5 <removed>
NOTE: Fixed in PHP 7.4.1, 7.3.13
NOTE: PHP Bug: http://bugs.php.net/78878
- NOTE: http://git.php.net/?p=php-src.git;a=patch;h=2d07f00b73d8f94099850e0f5983e1cc5817c196
+ NOTE: https://git.php.net/?p=php-src.git;a=patch;h=2d07f00b73d8f94099850e0f5983e1cc5817c196
CVE-2019-11045 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP ...)
{DSA-4628-1 DSA-4626-1 DLA-2050-1}
- php7.3 7.3.15-1
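Review bot: The context line directly above the changed URL still uses plain HTTP, `NOTE: PHP Bug: http://bugs.php.net/78878` (and `http://bugs.php.net/78863` in the next hunk), while the other PHP bug references visible in this patch already use https://bugs.php.net. For consistency with this change, extend the replacement to those two bugs.php.net links, either here or in a follow-up commit.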
@@ -25833,7 +25833,7 @@ CVE-2019-11045 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0
- php5 <removed>
NOTE: Fixed in PHP 7.4.1, 7.3.13
NOTE: PHP Bug: http://bugs.php.net/78863
- NOTE: http://git.php.net/?p=php-src.git;a=patch;h=d74907b8575e6edb83b728c2a94df434c23e1f79
+ NOTE: https://git.php.net/?p=php-src.git;a=patch;h=d74907b8575e6edb83b728c2a94df434c23e1f79
CVE-2019-11044 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Wi ...)
- php7.3 <not-affected> (Windows specific issue)
- php7.0 <not-affected> (Windows specific issue)
@@ -25848,7 +25848,7 @@ CVE-2019-11043 (In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x
NOTE: Fixed in PHP 7.3.11, 7.2.24
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=78599
NOTE: https://www.tenable.com/blog/cve-2019-11043-vulnerability-in-php-fpm-could-lead-to-remote-code-execution-on-nginx
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=ab061f95ca966731b1c84cf5b7b20155c0a1c06a
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=ab061f95ca966731b1c84cf5b7b20155c0a1c06a
CVE-2019-11042 (When PHP EXIF extension is parsing EXIF information from an image, e.g ...)
{DSA-4529-1 DSA-4527-1 DLA-1878-1}
- php7.3 7.3.8-1
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index d754aab54b..da1ea63483 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -38634,7 +38634,7 @@ CVE-2020-7067 (In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x
- php5 <removed> (unimportant)
NOTE: Fixed in PHP 7.4.5, 7.3.17
NOTE: PHP Bug: https://bugs.php.net/79465
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=9d6bf8221b05f86ce5875832f0f646c4c1f218be
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=9d6bf8221b05f86ce5875832f0f646c4c1f218be
NOTE: This only affects builds which enable EDBDIC
CVE-2020-7066 (In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below ...)
{DSA-4719-1 DSA-4717-1 DLA-2188-1}
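Review bot: In the CVE-2020-7067 entry, the context line right after the changed URL, `NOTE: This only affects builds which enable EDBDIC`, misspells EBCDIC. It is not part of this replacement, but anyone grepping the tracker for the correct spelling will miss this scoping note, so a follow-up fix is worthwhile.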
@@ -38644,7 +38644,7 @@ CVE-2020-7066 (In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x
- php5 <removed>
NOTE: Fixed in PHP 7.4.4, 7.3.16, 7.2.29
NOTE: PHP Bug: https://bugs.php.net/79329
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=0d139c5b94a5f485a66901919e51faddb0371c43
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=0d139c5b94a5f485a66901919e51faddb0371c43
CVE-2020-7065 (In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using ...)
{DSA-4719-1}
- php7.4 7.4.5-1
@@ -38653,7 +38653,7 @@ CVE-2020-7065 (In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while u
- php5 <not-affected> (Vulnerable code introduced later)
NOTE: Fixed in PHP 7.4.4, 7.3.16
NOTE: PHP Bug: https://bugs.php.net/79371
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=1fdffd1c55d771ca22ae217784ab75fce592ad38
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=1fdffd1c55d771ca22ae217784ab75fce592ad38
CVE-2020-7064 (In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below ...)
{DSA-4719-1 DSA-4717-1 DLA-2188-1}
- php7.4 7.4.5-1
@@ -38662,7 +38662,7 @@ CVE-2020-7064 (In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x b
- php5 <removed>
NOTE: Fixed in PHP 7.4.4, 7.3.16, 7.2.29
NOTE: PHP Bug: https://bugs.php.net/79282
- NOTE: http://git.php.net/?p=php-src.git;a=commit;h=25238bdf6005b85ab844aa2b743b589dfce9f0d2
+ NOTE: https://git.php.net/?p=php-src.git;a=commit;h=25238bdf6005b85ab844aa2b743b589dfce9f0d2
CVE-2020-7063 (In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below ...)
{DSA-4719-1 DSA-4717-1 DLA-2160-1}
- php7.4 7.4.3-1
