[Secure-testing-commits] r8926 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Wed May 28 21:14:15 UTC 2008 

Author: joeyh
Date: 2008-05-28 21:14:13 +0000 (Wed, 28 May 2008)
New Revision: 8926

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-05-28 19:13:15 UTC (rev 8925)
+++ data/CVE/list	2008-05-28 21:14:13 UTC (rev 8926)
@@ -765,12 +765,12 @@
 CVE-2008-2085 (Multiple stack-based buffer overflows in the (1) get_remote_ip_media ...)
 	- sip-tester 2.0.1-1.2 (low; bug #479039)
 CVE-2008-2051 (The escapeshellcmd API function in PHP before 5.2.6 has unknown impact ...)
-	{DSA-1578-1 DSA-1572-1}
+	{DSA-1578-1 DSA-1572-1 DTSA-135-1}
 	- php5 5.2.6-1
 	NOTE: http://www.php.net/ChangeLog-5.php
 	NOTE: http://www.sektioneins.de/advisories/SE-2008-03.txt
 CVE-2008-2050 (Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP ...)
-	{DSA-1572-1}
+	{DSA-1572-1 DTSA-135-1}
 	- php5 5.2.6-1
 	NOTE: php4 not affected, the vulnerable code isn't present
 	NOTE: http://www.php.net/ChangeLog-5.php
@@ -1626,6 +1626,7 @@
 	RESERVED
 CVE-2008-1672
 	RESERVED
+	{DTSA-136-1}
 	- openssl 0.9.8g-10.1 (bug #483379)
 	[etch] - openssl <not-affected> (Vulnerable code (TLS extensions) not present)
 CVE-2008-1671 (start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, ...)
@@ -2274,7 +2275,7 @@
 	- serendipity 1.3.1-1 (low)
 	NOTE: etch affected, but only in specific plugin.
 CVE-2008-1384 (Integer overflow in PHP 5.2.5 and earlier allows context-dependent ...)
-	{DSA-1572-1}
+	{DSA-1572-1 DTSA-135-1}
 	- php5 5.2.6-1 (unimportant)
 	NOTE: http://securityreason.com/achievement_securityalert/52
 	NOTE: Only exploitable through malicious script
@@ -3455,6 +3456,7 @@
 	NOT-FOR-US: Red Hat Administration Server
 CVE-2008-0891
 	RESERVED
+	{DTSA-136-1}
 	- openssl 0.9.8g-10.1 (bug #483379)
 	[etch] - openssl <not-affected> (Vulnerable code (TLS extensions) not present)
 CVE-2008-0890 (Red Hat Directory Server 7.1 before SP4 uses insecure permissions for ...)
@@ -4096,6 +4098,7 @@
 	{DSA-1494-1 DTSA-113-1}
 	- linux-2.6 2.6.24-4 (high)
 CVE-2008-0599 (The init_request_info function in sapi/cgi/cgi_main.c in PHP before ...)
+	{DTSA-135-1}
 	- php5 5.2.6-1
 	[etch] - php5 <not-affected> (Vulnerable code not yet present)
 	[etch] - php4 <not-affected> (Vulnerable code not yet present)

More information about the Secure-testing-commits mailing list