[Secure-testing-commits] r2874 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Sun Nov 27 19:38:33 UTC 2005
Author: stef-guest
Date: 2005-11-27 19:38:29 +0000 (Sun, 27 Nov 2005)
New Revision: 2874
Modified:
data/CVE/list
Log:
php5 issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-11-27 19:35:40 UTC (rev 2873)
+++ data/CVE/list 2005-11-27 19:38:29 UTC (rev 2874)
@@ -1212,12 +1212,10 @@
- openvpn 2.0.5-1 (bug #336751; medium)
CVE-2005-3392 (Unspecified vulnerability in PHP before 4.4.1, when using the virtual ...)
- php4 <unfixed> (bug #336645; unknown)
- TODO: check PHP5
- NOTE: pinged maintainers
+ - php5 <unfixed> (bug #336654; unknown)
CVE-2005-3391 (Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to ...)
- php4 <unfixed> (bug #336645; unknown)
- TODO: check PHP5
- NOTE: pinged maintainers
+ - php5 <unfixed> (bug #336654; unknown)
CVE-2005-3390 (The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to ...)
- php4 <unfixed> (bug #336645; high)
- php5 <unfixed> (bug #336654; high)
@@ -2515,7 +2513,7 @@
CVE-2005-2950 (Cross-site scripting (XSS) vulnerability in Sawmill 7.0.0 through ...)
NOT-FOR-US: Sawmill
CVE-2005-2949 (pam_per_user before 0.4 does not verify if the user name changes ...)
- TODO: check
+ NOT-FOR-US: pam_per_user (not in Debian)
CVE-2005-2948 (KillProcess 2.20 and earlier allows local users to bypass kill list ...)
NOT-FOR-US: KillProcess
CVE-2005-2947 (Buffer overflow in KillProcess 2.20 and earlier allows user-complicit ...)
More information about the Secure-testing-commits
mailing list