[Secure-testing-commits] r5657 - in data: . CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Mon Apr 16 19:34:34 UTC 2007
Author: jmm-guest
Date: 2007-04-16 19:34:30 +0000 (Mon, 16 Apr 2007)
New Revision: 5657
Modified:
data/CVE/list
data/mopb.txt
Log:
PHP updates (CVE dupes have been cross-checked by Red Hat)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-04-16 12:55:06 UTC (rev 5656)
+++ data/CVE/list 2007-04-16 19:34:30 UTC (rev 5657)
@@ -605,9 +605,10 @@
CVE-2007-1702 (PHP remote file inclusion vulnerability in mod_flatmenu.php in the ...)
NOT-FOR-US: Flatmenu
CVE-2007-1701 (PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is ...)
- - php4 <unfixed> (unimportant)
- - php5 <unfixed> (unimportant)
+ - php5 5.2.0-9 (unimportant)
+ - php4 6:4.4.4-9 (unimportant)
NOTE: register_globals not supported
+ NOTE: Dupe of CVE-2007-0910
CVE-2007-1700 (The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, ...)
- php4 <unfixed> (unknown)
- php5 <unfixed> (unknown)
@@ -875,7 +876,8 @@
CVE-2007-1585 (The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware ...)
NOT-FOR-US: Cisco
CVE-2007-1584 (Buffer underflow in the header function in PHP 5.2.0 allows ...)
- - php5 <unfixed> (medium)
+ - php5 5.2.0-9 (bug #410561; bug #410995; medium)
+ NOTE: Dupe of CVE-2007-1584
CVE-2007-1583 (The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through ...)
- php5 <unfixed> (medium)
- php4 <unfixed> (medium)
@@ -2764,7 +2766,6 @@
CVE-2007-0907 (Buffer underflow in PHP before 5.2.1 allows attackers to cause a ...)
{DSA-1264-1}
- php5 5.2.0-9 (bug #410561; bug #410995; medium)
- - php4 6:4.4.4-9
NOTE: fix found, needs testing/backporting. see:
NOTE: CVE-2007-0907_sapi_header_op.diff in
NOTE: http://people.debian.org/~seanius/security/php
Modified: data/mopb.txt
===================================================================
--- data/mopb.txt 2007-04-16 12:55:06 UTC (rev 5656)
+++ data/mopb.txt 2007-04-16 19:34:30 UTC (rev 5657)
@@ -14,7 +14,7 @@
# Already fixed in DSA-1264 and the respective PHP4/PHP5 packages, dupe CVE-2007-0906/CVE-2007-1825
39 PHP str_replace() Memory Allocation Integer Overflow Vulnerability
-# Already fixed in DSA-1264 and the respective PHP4/PHP5 packages, dupe CVE-2007-0906/CVE-2007-1825
+# Already fixed in DSA-1264 and the respective PHP4/PHP5 packages, dupe CVE-2007-0906/CVE-2007-1885
38 PHP printf() Family 64 Bit Casting Vulnerabilities
# Already fixed in DSA-1264 and the respective PHP4/PHP5 packages, dupe CVE-2007-0909/CVE-2007-1884
@@ -38,7 +38,7 @@
TODO, needs to be fixed in php/etch, sarge not affected
31 PHP _SESSION Deserialization Overwrite Vulnerability
-#N/A register_globals not supported
+#N/A register_globals not supported, already fixed in DSA-1264, dupe CVE-2007-0910/CVE-2007-1701
30 PHP _SESSION unset() Vulnerability
#TODO, CVE-2007-1700
@@ -56,7 +56,7 @@
#TODO(medium) functionally enables register_globals for any future requests, CVE-2007-1583 (php4 & php5, enables stealth register_globals for life of process)
25 PHP header() Space Trimming Buffer Underflow Vulnerability
-#TODO(medium) -> Should be fixed for PHP5, Sarge is not affected, CVE-2007-1584 (php5 5.2.0 only, code execution on big endian)
+# Already fixed in Etch as part of the 5.2.1 backport, dupe CVE-2007-0907/CVE-2007-1584
24 PHP array_user_key_compare() Double DTOR Vulnerability
#TODO(medium) -> locally exploitable to gain access to process memory (not remote), CVE-2007-1484 (php4 & php5, code execution)
More information about the Secure-testing-commits
mailing list