[Secure-testing-commits] r5678 - data/CVE
Florian Weimer
fw at alioth.debian.org
Thu Apr 19 07:10:10 UTC 2007
Author: fw
Date: 2007-04-19 07:10:05 +0000 (Thu, 19 Apr 2007)
New Revision: 5678
Modified:
data/CVE/list
Log:
CVE-2007-1888: sqlite3 is not affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-04-19 00:43:40 UTC (rev 5677)
+++ data/CVE/list 2007-04-19 07:10:05 UTC (rev 5678)
@@ -449,6 +449,7 @@
CVE-2007-1888 (Buffer overflow in the sqlite_decode_binary function in src/encode.c ...)
- sqlite <unfixed> (medium)
NOTE: this is really just an "unsafe" API, not really a security issue against sqlite itself.
+ NOTE: SQLite 3 no longer contains the affected function.
CVE-2007-1887 (Buffer overflow in the sqlite_decode_binary function in the bundled ...)
- php4 <not-affected> (SQLite not enabled in PHP 4 packages)
- php5 <unfixed> (medium)
More information about the Secure-testing-commits
mailing list