[Secure-testing-commits] r10623 - in data: . CVE

atomo64-guest at alioth.debian.org atomo64-guest at alioth.debian.org
Fri Dec 5 03:31:21 UTC 2008


Author: atomo64-guest
Date: 2008-12-05 03:31:20 +0000 (Fri, 05 Dec 2008)
New Revision: 10623

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
New php issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-04 21:41:46 UTC (rev 10622)
+++ data/CVE/list	2008-12-05 03:31:20 UTC (rev 10623)
@@ -1,3 +1,6 @@
+CVE-2008-XXXX [php5/ext/zip: ZipArchive::extractTo() Directory Traversal Vulnerability]
+	- php5 <unfixed> (bug #507857)
+	- php4 <unfixed>
 CVE-2008-5323 (Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg ...)
 	NOT-FOR-US: Wysi Wiki Wyg
 CVE-2008-5322 (Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information ...)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2008-12-04 21:41:46 UTC (rev 10622)
+++ data/embedded-code-copies	2008-12-05 03:31:20 UTC (rev 10623)
@@ -684,3 +684,6 @@
 
 harfbuzz
 	- qt4-x11 <unfixed> (embed)
+
+libzip
+	- php5 <unfixed> (fork)




More information about the Secure-testing-commits mailing list