[Secure-testing-commits] r2680 - data/CVE
Neil McGovern
neilm at costa.debian.org
Sun Nov 6 21:46:47 UTC 2005
Author: neilm
Date: 2005-11-06 21:46:41 +0000 (Sun, 06 Nov 2005)
New Revision: 2680
Modified:
data/CVE/list
Log:
News from our local friendly php developer - this'll be fixed in 5.1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-11-06 14:44:51 UTC (rev 2679)
+++ data/CVE/list 2005-11-06 21:46:41 UTC (rev 2680)
@@ -216,6 +216,7 @@
- php4 <unfixed> (bug #336645; low)
- php5 <unfixed> (bug #336654; low)
NOTE: http://www.hardened-php.net/advisory_182005.77.html
+ NOTE: fixed in CVS, estimated release of PHP5.1 to fix this issue
CVE-2005-3387 (The startup script in packages/RedHat/ntop.init in ntop before 3.2, ...)
- ntop <not-affected> (Red Hat specific packaging flaw)
CVE-2005-3386 (SQL injection vulnerability in Techno Dreams Web Directory script ...)
@@ -4890,6 +4891,7 @@
NOTE: php function that displays the PHP logo and version information. In the bug
NOTE: log the developers seem unwilling to fix this, as it only affects a debug
NOTE: function.
+ NOTE: fixed in CVS, estimated release of PHP5.1 to fix this issue
- php4 <unfixed> (bug #336645; low)
- php5 <unfixed> (bug #336654; low)
CVE-2002-1953 (Heap-based buffer overflow in the goim handler of AOL Instant ...)
More information about the Secure-testing-commits
mailing list