[Secure-testing-commits] r12931 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Sat Oct 3 20:23:08 UTC 2009
Author: geissert
Date: 2009-10-03 20:23:08 +0000 (Sat, 03 Oct 2009)
New Revision: 12931
Modified:
data/CVE/list
Log:
php's pear symlinks vuln
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-03 17:08:07 UTC (rev 12930)
+++ data/CVE/list 2009-10-03 20:23:08 UTC (rev 12931)
@@ -1,3 +1,8 @@
+CVE-2009-XXXX [php5's pear is vulnerable to symlink attacks]
+ - php5 <unfixed> (low; bug #546164)
+ NOTE: side-effect reported to upstream: http://bugs.php.net/44354
+ NOTE: but they apparently only fixed the issue at build time
+ NOTE: needs re-testing, as I don't remember the test conditions
CVE-2009-3543
NOT-FOR-US: Phenotype CMS
CVE-2009-3542
More information about the Secure-testing-commits
mailing list