[Secure-testing-commits] r11079 - data/CVE
atomo64-guest at alioth.debian.org
atomo64-guest at alioth.debian.org
Wed Jan 28 18:22:51 UTC 2009
Author: atomo64-guest
Date: 2009-01-28 18:22:50 +0000 (Wed, 28 Jan 2009)
New Revision: 11079
Modified:
data/CVE/list
Log:
php5 issues update/cleanup
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-01-28 17:58:55 UTC (rev 11078)
+++ data/CVE/list 2009-01-28 18:22:50 UTC (rev 11079)
@@ -869,7 +869,7 @@
CVE-2008-5814 (Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and ...)
- php5 <unfixed> (low)
TODO: check php4
- NOTE: status is unclear, further investigation is needed
+ NOTE: there's not enough information available, no known bug, no known fix
CVE-2008-5813 (SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before ...)
NOT-FOR-US: SPIP
CVE-2008-5812 (Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 ...)
@@ -1990,8 +1990,6 @@
- rsyslog 3.18.6-1 (bug #508027)
CVE-2008-5624 (PHP 5 before 5.2.7 does not properly initialize the page_uid and ...)
- php5 5.2.6.dfsg.1-1 (bug #508021)
- NOTE: Fixed in php 5.2.7, not yet in the archive
- NOTE: http://securityreason.com/achievement_securityalert/59
TODO: check php4
CVE-2008-5660 (Format string vulnerability in the vinagre_utils_show_error function ...)
- vinagre 0.5.1-2
More information about the Secure-testing-commits
mailing list