[Secure-testing-commits] r6648 - data/CVE
seanius at alioth.debian.org
seanius at alioth.debian.org
Wed Sep 19 22:07:53 UTC 2007
Author: seanius
Date: 2007-09-19 22:07:52 +0000 (Wed, 19 Sep 2007)
New Revision: 6648
Modified:
data/CVE/list
Log:
add note to point out fixes for the two php/oldstable vulns are now in svn
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-09-19 21:28:29 UTC (rev 6647)
+++ data/CVE/list 2007-09-19 22:07:52 UTC (rev 6648)
@@ -712,7 +712,7 @@
CVE-2007-4657 (Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before ...)
- php5 <unfixed>
- php4 <removed>
- NOTE: fixed in php5/etch svn
+ NOTE: fixed in php5/etch, php4/sarge svn
CVE-2007-4656 (backup-manager-upload in Backup Manager before 0.6.3 provides the FTP ...)
- backup-manager 0.7.6-3 (bug #439392)
CVE-2007-4655 (Multiple directory traversal vulnerabilities in CGI RESCUE Shopping ...)
@@ -2609,7 +2609,7 @@
NOTE: also may not work if other cookie values are set.
NOTE: fix sneaked into php 5.2.3 sans-mention:
NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.417.2.8.2.36&r2=1.417.2.8.2.37&pathrev=PHP_5_2
- NOTE: fixed in php5/etch svn
+ NOTE: fixed in php5/etch, php4/sarge svn
- php4 <unfixed> (low)
- php5 <unfixed> (low; bug #441433)
CVE-2007-3798 (Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 ...)
More information about the Secure-testing-commits
mailing list