[Secure-testing-commits] r6745 - data/CVE

[nion at alioth.debian.org]

Author: nion
Date: 2007-10-01 05:27:04 +0000 (Mon, 01 Oct 2007)
New Revision: 6745

Modified:
   data/CVE/list
Log:
CVE-2007-4660 fixed in php5 5.2.4-1, notes about patch added


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-09-30 17:22:05 UTC (rev 6744)
+++ data/CVE/list	2007-10-01 05:27:04 UTC (rev 6745)
@@ -1048,8 +1048,10 @@
 	NOTE: This CVE refers to an incomplete fix for CVE-2007-2872, an issue only
 	NOTE: triggerable by malicious script
 CVE-2007-4660 (Unspecified vulnerability in the chunk_split function in PHP before ...)
-	- php5 <unfixed>
+	- php5 5.2.4-1
 	NOTE: fixed in php5/etch svn
+	NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.60&r2=1.445.2.14.2.61&pathrev=PHP_5_2
+	NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.61&r2=1.445.2.14.2.62&pathrev=PHP_5_2
 CVE-2007-4659 (The zend_alter_ini_entry function in PHP before 5.2.4 does not ...)
 	- php5 5.2.4-1
 	NOTE: fixed in php5/etch svn