[Secure-testing-commits] r5680 - data
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Thu Apr 19 20:26:22 UTC 2007
Author: jmm-guest
Date: 2007-04-19 20:26:21 +0000 (Thu, 19 Apr 2007)
New Revision: 5680
Modified:
data/mopb.txt
Log:
fancy php4 status page
Modified: data/mopb.txt
===================================================================
--- data/mopb.txt 2007-04-19 20:25:56 UTC (rev 5679)
+++ data/mopb.txt 2007-04-19 20:26:21 UTC (rev 5680)
@@ -5,7 +5,9 @@
[MOPB-41-php5.diff]
34 PHP mail() Header Injection Through Subject and To Parameters
-#TODO(medium) -> needs to be fixed, CVE-2007-1718 (php4 & php5, header injection possible via some MTAs when set to process the headers for recipients)
+#TODO(medium) -> needs to be fixed, CVE-2007-1718 (php4 & php5, header
+injection possible via some MTAs when set to process the headers for
+recipients), Sarge's php4 not affected
[MOPB-34-php5.diff]
30 PHP _SESSION unset() Vulnerability
@@ -171,7 +173,27 @@
(Comments starting with TOFIX indicate that a patch has been created or extracted)
+# php4 checklist
+ Sarge Etch
+41
+35
+32
+34 / a
+30
+26
+23
+22
+10 a a
+04
+
+? = more info
+x = fix needed
+* = extracted
+a = patch generated and commited to SVN
+T = code tested
+/ = not affected
+
# PHP5 checklist....
MOPB Sarge, Etch, Unstable Dapper, Edgy, Feisty PATCH
10 X X X X X X *
@@ -209,3 +231,6 @@
in-trunk "fix":
http://cvs.php.net/viewvc.cgi/php-src/ext/sqlite/libsqlite/src/encode.c?r1=1.5.4.1&r2=1.5.4.1.2.1&pathrev=PHP_5_2
[3] this needs a CVE assigned
+
+
+
More information about the Secure-testing-commits
mailing list