[Secure-testing-commits] r6434 - data/CVE

seanius at alioth.debian.org seanius at alioth.debian.org
Wed Aug 29 22:30:06 UTC 2007


Author: seanius
Date: 2007-08-29 22:30:05 +0000 (Wed, 29 Aug 2007)
New Revision: 6434

Modified:
   data/CVE/list
Log:
update on php-gd vuln actually in libt1

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-08-29 19:49:33 UTC (rev 6433)
+++ data/CVE/list	2007-08-29 22:30:05 UTC (rev 6434)
@@ -1188,7 +1188,9 @@
 CVE-2007-4034 (Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! ...)
 	NOT-FOR-US: Yahoo! Widgets
 CVE-2007-4033 (Buffer overflow in php_gd2.dll in the gd (PHP_GD2) extension in PHP ...)
-	- php5 <unfixed> (bug #439927)
+	- libt1 <unfixed> (bug #439927)
+	NOTE: originally posted as a php vuln, actually in libt1
+	NOTE: http://www.securityfocus.com/bid/25079 (particularly the discussions)
 CVE-2007-4032 (Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote ...)
 	NOT-FOR-US: CrystalPlayer
 CVE-2007-4031 (Directory traversal vulnerability in a certain ActiveX control in ...)




More information about the Secure-testing-commits mailing list