[Secure-testing-commits] r8749 - data/CVE
thijs at alioth.debian.org
thijs at alioth.debian.org
Thu May 8 20:38:16 UTC 2008
Author: thijs
Date: 2008-05-08 20:38:15 +0000 (Thu, 08 May 2008)
New Revision: 8749
Modified:
data/CVE/list
Log:
GENERATE_SEED problem not present in php versions we ship in stable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-05-08 20:14:38 UTC (rev 8748)
+++ data/CVE/list 2008-05-08 20:38:15 UTC (rev 8749)
@@ -10,13 +10,14 @@
- libid3tag 0.15.1b-8 (low; bug #480187)
NOTE: totally different approach to fix the bug, see Kurts comments in the bug report
CVE-2008-2108 (The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, ...)
- - php5 <unfixed> (low)
- - php4 <unfixed> (low)
+ - php5 5.2.6-1 (low)
+ [etch] - php4 <not-affected> (Vulnerable code not present)
+ [etch] - php5 <not-affected> (Vulnerable code not present)
NOTE: http://www.sektioneins.de/advisories/SE-2008-02.txt
- NOTE: I don't believe we need to address this, likely no-dsa, but needs further checking
CVE-2008-2107 (The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, ...)
- - php5 <unfixed> (low)
- - php4 <unfixed> (low)
+ - php5 5.2.6-1 (low)
+ [etch] - php4 <not-affected> (Vulnerable code not present)
+ [etch] - php5 <not-affected> (Vulnerable code not present)
NOTE: closely related to CVE-2008-2108
CVE-2008-2106 (Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated ...)
NOT-FOR-US: Call of Duty
More information about the Secure-testing-commits
mailing list