[Secure-testing-commits] r5469 - data/CVE

Sean Finney seanius at alioth.debian.org
Sun Feb 18 00:53:31 UTC 2007


Author: seanius
Date: 2007-02-18 01:53:28 +0100 (Sun, 18 Feb 2007)
New Revision: 5469

Modified:
   data/CVE/list
Log:
comments on some of the latest php CVE's

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-02-17 10:48:07 UTC (rev 5468)
+++ data/CVE/list	2007-02-18 00:53:28 UTC (rev 5469)
@@ -174,18 +174,31 @@
 	NOT-FOR-US: JPortal
 CVE-2007-0911 (Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow ...)
 	- php5 <unfixed> (bug #410561; medium)
+	NOTE: this is a regression in the 5.2.1 release which is not yet uploaded.
+	NOTE: so we should just make sure we patch 5.2.1.  Leaving open in the
+	NOTE: meantime, so we don't forget about it.
 CVE-2007-0910 (Unspecified vulnerability PHP before 5.2.1 allows attackers to ...)
 	- php5 <unfixed> (bug #410561; medium)
 CVE-2007-0909 (Multiple format string vulnerabilities in PHP before 5.2.1 might allow ...)
 	- php5 <unfixed> (bug #410561; medium)
 CVE-2007-0908 (The wddx extension in PHP before 5.2.1 allows remote attackers to ...)
-	- php5 <unfixed> (bug #410561; medium)
+	NOT-FOR-US: PHP
+	NOTE: this extension is not enabled in the php packages
 CVE-2007-0907 (Buffer underflow in PHP before 5.2.1 allows attackers to cause a ...)
 	- php5 <unfixed> (bug #410561; medium)
 CVE-2007-0906 (Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause ...)
+	NOTE: still separating the wheat from the chaff for the "unspecified"
+	NOTE: vulnerabilities.  the list of changes to be sorted through are
+	NOTE: available as CVE-2007-0906_N_description.diff at
+	NOTE: http://people.debian.org/~seanius/security/php/
+	NOTE: (4) is a non-issue, as we don't use the bundled sqlite
 	- php5 <unfixed> (bug #410561; medium)
 CVE-2007-0905 (PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir ...)
 	- php5 <unfixed> (bug #410561; medium)
+	NOTE: we normally don't spend much time on safe_mode and open_basedir
+	NOTE: issues, but the because the attack vectors are "unspecified", it
+	NOTE: would be harder for us to try and sort out the fixes for this
+	NOTE: from the fixes in CVE-2007-0906 (see there for more info)
 CVE-2007-0904 (SQL injection vulnerability in projects.php in LightRO CMS 1.0 allows ...)
 	NOT-FOR-US: LightRO CMS
 CVE-2007-0903 (Unspecified vulnerability in the mod_roster_odbc module in ejabberd ...)
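Review bot: In the CVE-2007-0908 entry, `NOT-FOR-US: PHP` does not fit how that tag is used on the other entries in this hunk (JPortal, LightRO CMS), where it appears to mark products that are not packaged at all, while php5 is tracked on every neighbouring entry. The reason given in the NOTE is that the wddx extension is not enabled in the php packages, so it would be clearer to keep a php5 line for this CVE, mark it as not affected with that reason, and retain the reference to bug #410561, which the removed line carried and the new lines drop. Two smaller points: under CVE-2007-0906 the new NOTE lines sit above the `- php5 <unfixed>` line, whereas under CVE-2007-0911 and CVE-2007-0905 they follow it, so one ordering should be used throughout; and the CVE-2007-0905 note reads "but the because the", which has a stray "the".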



