[Secure-testing-commits] r10623 - in data: . CVE
atomo64-guest at alioth.debian.org
atomo64-guest at alioth.debian.org
Fri Dec 5 03:31:21 UTC 2008
Author: atomo64-guest
Date: 2008-12-05 03:31:20 +0000 (Fri, 05 Dec 2008)
New Revision: 10623
Modified:
data/CVE/list
data/embedded-code-copies
Log:
New php issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-12-04 21:41:46 UTC (rev 10622)
+++ data/CVE/list 2008-12-05 03:31:20 UTC (rev 10623)
@@ -1,3 +1,6 @@
+CVE-2008-XXXX [php5/ext/zip: ZipArchive::extractTo() Directory Traversal Vulnerability]
+ - php5 <unfixed> (bug #507857)
+ - php4 <unfixed>
CVE-2008-5323 (Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg ...)
NOT-FOR-US: Wysi Wiki Wyg
CVE-2008-5322 (Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information ...)
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2008-12-04 21:41:46 UTC (rev 10622)
+++ data/embedded-code-copies 2008-12-05 03:31:20 UTC (rev 10623)
@@ -684,3 +684,6 @@
harfbuzz
- qt4-x11 <unfixed> (embed)
+
+libzip
+ - php5 <unfixed> (fork)
More information about the Secure-testing-commits
mailing list