[Secure-testing-commits] r13071 - data/CVE
Kees Cook
kees at alioth.debian.org
Thu Oct 22 23:55:29 UTC 2009
Author: kees
Date: 2009-10-22 23:55:28 +0000 (Thu, 22 Oct 2009)
New Revision: 13071
Modified:
data/CVE/list
Log:
NFUs: 1, unfixed: libgd2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-22 22:09:28 UTC (rev 13070)
+++ data/CVE/list 2009-10-22 23:55:28 UTC (rev 13071)
@@ -420,6 +420,7 @@
CVE-2009-3547
RESERVED
CVE-2009-3546 (The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the ...)
+ - libgd2 <unfixed> (medium)
- php5 <not-affected> (the php packages use the system libgd2)
NOTE: http://svn.php.net/viewvc?view=revision&revision=289557
NOTE: <20091015173822.084de220 at redhat.com> in OSS-sec
@@ -428,7 +429,7 @@
CVE-2009-3544 (Xerver HTTP Server 4.32 allows remote attackers to obtain the source ...)
NOT-FOR-US: Xerver HTTP Server
CVE-2009-3527 (Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 ...)
- TODO: check
+ NOT-FOR-US: FreeBSD (kernel kqueue)
CVE-2009-3526
RESERVED
CVE-2009-XXXX [php5's pear is vulnerable to symlink attacks]
More information about the Secure-testing-commits
mailing list