[Secure-testing-commits] r6845 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Sun Oct 7 08:00:44 UTC 2007
Author: nion
Date: 2007-10-07 08:00:44 +0000 (Sun, 07 Oct 2007)
New Revision: 6845
Modified:
data/CVE/list
Log:
php4 was removed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-10-07 07:59:02 UTC (rev 6844)
+++ data/CVE/list 2007-10-07 08:00:44 UTC (rev 6845)
@@ -2749,7 +2749,8 @@
CVE-2007-3998 (The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, ...)
{DTSA-61-1}
- php5 5.2.4-1 (low)
- - php4 <unfixed> (low)
+ - php4 <removed> (low)
+ NOTE: this applies to php4 as well
NOTE: i think it is medium since it can be easily used to DoS on shared hosting systems
NOTE: a diff between 5.2.3 (debian) and 5.2.4 (upstream) of ext/standard/string.c
NOTE: so maybe this is already fixed in 5.2.3, not sure
More information about the Secure-testing-commits
mailing list