[Secure-testing-commits] r11348 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Fri Mar 6 23:54:36 UTC 2009
Author: jmm-guest
Date: 2009-03-06 23:54:35 +0000 (Fri, 06 Mar 2009)
New Revision: 11348
Modified:
data/CVE/list
Log:
new php issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-03-06 23:52:05 UTC (rev 11347)
+++ data/CVE/list 2009-03-06 23:54:35 UTC (rev 11348)
@@ -199,7 +199,9 @@
[lenny] - poppler <no-dsa> (Application crash only, could be fixed with further issues)
[etch] - poppler <no-dsa> (Application crash only, could be fixed with further issues)
CVE-2009-0754 (PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows ...)
- TODO: check
+ - php4 <removed> (low)
+ - php5 <unfixed> (low)
+ TODO: File bug
CVE-2008-6398 (sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary ...)
- sng 1.0.2-6 (bug #496407; unimportant)
CVE-2008-6397 (rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite ...)
@@ -2753,7 +2755,7 @@
CVE-2009-XXXX [openslp: insecure cert validation through openssl api misuse]
- openslp-dfsg <not-affected> (Debian's openslp doesn't build with SSL support)
CVE-2009-0114 (Unspecified vulnerability in the Settings Manager in Adobe Flash ...)
- TODO: check
+ NOT-FOR-US: Flash
CVE-2009-0113 (Directory traversal vulnerability in attachmentlibrary.php in the ...)
NOT-FOR-US: Joomla! component
CVE-2009-0112 (Cross-site request forgery (CSRF) vulnerability in ...)
More information about the Secure-testing-commits
mailing list