[Secure-testing-commits] r5725 - data/CVE
Florian Weimer
fw at alioth.debian.org
Tue Apr 24 17:07:57 UTC 2007
Author: fw
Date: 2007-04-24 17:07:54 +0000 (Tue, 24 Apr 2007)
New Revision: 5725
Modified:
data/CVE/list
Log:
fix syntax
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-04-24 16:29:40 UTC (rev 5724)
+++ data/CVE/list 2007-04-24 17:07:54 UTC (rev 5725)
@@ -3049,7 +3049,7 @@
{DSA-1264-1}
- php5 5.2.0-9 (bug #410561; bug #410995; medium)
- php4 6:4.4.4-9
- [etch] - php4 6:4.4.4-8+etch1
+ [etch] - php4 6:4.4.4-8+etch1
NOTE: fix is believed to be isolated, needs verification and backporting:
NOTE: see CVE-2007-0910_clobbering-superglobals.diff in
NOTE: http://people.debian.org/~seanius/security/php
@@ -3057,7 +3057,7 @@
{DSA-1264-1}
- php5 5.2.0-9 (bug #410561; bug #410995; medium)
- php4 6:4.4.4-9
- [etch] - php4 6:4.4.4-8+etch1
+ [etch] - php4 6:4.4.4-8+etch1
NOTE: half of fix (odbc part) is found, still trying to dig out the
NOTE: problems related to *print functions.
NOTE: see CVE-2007-0910_clobbering-superglobals.diff in
@@ -3085,7 +3085,7 @@
NOTE: (4) is a non-issue, as we don't use the bundled sqlite
- php5 5.2.0-9 (bug #410561; bug #410995; medium)
- php4 6:4.4.4-9
- [etch] - php4 6:4.4.4-8+etch1
+ [etch] - php4 6:4.4.4-8+etch1
CVE-2007-0905 (PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir ...)
- php5 <unfixed> (bug #410561; bug #410995; unimportant)
NOTE: we normally don't spend much time on safe_mode and open_basedir
More information about the Secure-testing-commits
mailing list