From 41d7c650ad0ab35118aa07356d72df26fa66f0e0 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sun, 23 Aug 2020 19:39:08 +0200 Subject: Replace git.php.net HTTP URLs with HTTPS URLs --- data/CVE/2014.list | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'data/CVE/2014.list') diff --git a/data/CVE/2014.list b/data/CVE/2014.list index be349e9ee2..d796d043ba 100644 --- a/data/CVE/2014.list +++ b/data/CVE/2014.list @@ -2025,8 +2025,8 @@ CVE-2014-9709 (The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as NOTE: https://bugs.php.net/bug.php?id=68601 NOTE: Fix in libgd2: https://bitbucket.org/libgd/gd-libgd/commits/47eb44b2e90ca88a08dca9f9a1aa9041e9587f43 NOTE: Also related: https://bitbucket.org/libgd/gd-libgd/commits/81e9a993f2893d651d225646378e3fd1b7465467 - NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=07b5896a1389c3e865cbd2fb353806b2cefe4f5c - NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=5fc2fede9c7c963c950d8b96dcc0f7af88b4d695 + NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=07b5896a1389c3e865cbd2fb353806b2cefe4f5c + NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=5fc2fede9c7c963c950d8b96dcc0f7af88b4d695 NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd, the embedded copy was fixed upstream in 5.6.5 NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/469990b43c294692493f15f8400560fe5d966a02 CVE-2014-9701 (Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.19 and ...) @@ -3108,7 +3108,7 @@ CVE-2014-9427 (sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5 - php5 5.6.5+dfsg-1 [squeeze] - php5 (Introduced in 5.4.1) NOTE: https://bugs.php.net/bug.php?id=68618 - NOTE: http://git.php.net/?p=php-src.git;a=commit;h=f9ad3086693fce680fbe246e4a45aa92edd2ac35 + NOTE: https://git.php.net/?p=php-src.git;a=commit;h=f9ad3086693fce680fbe246e4a45aa92edd2ac35 CVE-2014-XXXX [CRAM-MD5 authentication bypass] - dbmail (Only affects versions supporting cram-md5, so 3.0.0 and later) NOTE: http://blog.gmane.org/gmane.mail.imap.dbmail/day=20141219 @@ -5278,7 +5278,7 @@ CVE-2014-8627 (PolarSSL 1.3.8 does not properly negotiate the signature algorith CVE-2014-8626 (Stack-based buffer overflow in the date_from_ISO8601 function in ext/x ...) - php5 5.2.9.dfsg.1-1 NOTE: https://bugs.php.net/bug.php?id=45226 - NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c818d0d01341907fee82bdb81cab07b7d93bb9db + NOTE: https://git.php.net/?p=php-src.git;a=commit;h=c818d0d01341907fee82bdb81cab07b7d93bb9db CVE-2014-8625 (Multiple format string vulnerabilities in the parse_error_msg function ...) - dpkg 1.17.22 (unimportant; bug #768485) [wheezy] - dpkg 1.16.16 @@ -6119,12 +6119,12 @@ CVE-2014-8764 (DokuWiki 2014-05-05a and earlier, when using Active Directory for {DSA-3059-1 DLA-79-1} - dokuwiki 0.0.20140929.a-1 (bug #766545) [jessie] - dokuwiki (PHP 5.6 in jessie fixes this on the PHP level, see #766545) - NOTE: Fix at PHP level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c + NOTE: Fix at PHP level: https://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c CVE-2014-8763 (DokuWiki before 2014-05-05b, when using Active Directory for LDAP auth ...) {DSA-3059-1 DLA-79-1} - dokuwiki 0.0.20140929.a-1 (bug #766545) [jessie] - dokuwiki (PHP 5.6 in jessie fixes this on the PHP level, see #766545) - NOTE: Fix at PHP level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c + NOTE: Fix at PHP level: https://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c CVE-2014-8762 (The ajax_mediadiff function in DokuWiki before 2014-05-05a allows remo ...) {DSA-3059-1} - dokuwiki 0.0.20140505.a+dfsg-1 (bug #766545) @@ -6573,8 +6573,8 @@ CVE-2014-8143 (Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before CVE-2014-8142 (Use-after-free vulnerability in the process_nested_data function in ex ...) {DSA-3117-1} - php5 5.6.5+dfsg-1 (unimportant) - NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=630f9c33c23639de85c3fd306b209b538b73b4c9 - NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=53f129a44d3c4ec0fae57993b9ae2f6cb48973cc + NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=630f9c33c23639de85c3fd306b209b538b73b4c9 + NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=53f129a44d3c4ec0fae57993b9ae2f6cb48973cc NOTE: Only affects an inherently insecure use case CVE-2014-8141 (Heap-based buffer overflow in the getZip64Data function in Info-ZIP Un ...) {DSA-3113-1 DLA-124-1} @@ -14749,7 +14749,7 @@ CVE-2014-4699 (The Linux kernel before 3.15.4 on Intel processors does not prope NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a CVE-2014-4698 (Use-after-free vulnerability in ext/spl/spl_array.c in the SPL compone ...) - php5 5.6.0~rc3+dfsg-1 (unimportant) - NOTE: http://git.php.net/?p=php-src.git;a=commit;h=22882a9d89712ff2b6ebc20a689a89452bba4dcd + NOTE: https://git.php.net/?p=php-src.git;a=commit;h=22882a9d89712ff2b6ebc20a689a89452bba4dcd NOTE: https://bugs.php.net/bug.php?id=67539 NOTE: exploitable by malicious scripts only CVE-2014-4697 @@ -14808,7 +14808,7 @@ CVE-2014-4670 (Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL c {DSA-3008-1} - php5 5.6.0~rc3+dfsg-1 (unimportant) NOTE: exploitable by malicious scripts only - NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=df78c48354f376cf419d7a97f88ca07d572f00fb + NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=df78c48354f376cf419d7a97f88ca07d572f00fb NOTE: https://bugs.php.net/bug.php?id=67538 CVE-2014-4669 (HP Enterprise Maps 1.00 allows remote authenticated users to read arbi ...) NOT-FOR-US: HP Enterprise Maps @@ -17075,7 +17075,7 @@ CVE-2014-3710 (The donote function in readelf.c in file through 5.20, as used in NOTE: Upstream fix: https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0 - php5 5.6.3+dfsg-1 (bug #768807) NOTE: https://bugs.php.net/bug.php?id=68283 - NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=1803228597e82218a8c105e67975bc50e6f5bf0d (PHP 5.4 branch) + NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=1803228597e82218a8c105e67975bc50e6f5bf0d (PHP 5.4 branch) CVE-2014-3709 (The org.keycloak.services.resources.SocialResource.callback method in ...) NOT-FOR-US: JBoss KeyCloak CVE-2014-3708 (OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 ...) @@ -21571,7 +21571,7 @@ CVE-2014-2270 (softmagic.c in file before 5.17 and libmagic allows context-depen NOTE: http://bugs.gw.com/view.php?id=313 NOTE: https://github.com/glensc/file/commit/447558595a3650db2886cd2f416ad0beba965801 - php5 5.5.10+dfsg-1 (bug #740960) - NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f + NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f CVE-2014-5795 REJECTED CVE-2014-2245 (SQL injection vulnerability in the News module in CMS Made Simple (CMS ...) -- cgit v1.2.3