[Secure-testing-commits] r14403 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Mon Apr 5 05:00:46 UTC 2010
Author: geissert
Date: 2010-04-05 05:00:38 +0000 (Mon, 05 Apr 2010)
New Revision: 14403
Modified:
data/CVE/list
Log:
php issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-04-05 02:11:55 UTC (rev 14402)
+++ data/CVE/list 2010-04-05 05:00:38 UTC (rev 14403)
@@ -263,11 +263,14 @@
- qt4-x11 <undetermined> (unimportant)
NOTE: browser crashes are not considered security-relevant
CVE-2010-1130 (session.c in the session extension in PHP before 5.2.13, and 5.3.1, ...)
- TODO: check
+ - php5 5.3.2-1 (unimportant)
+ NOTE: open_basedir not supported
CVE-2010-1129 (The safe_mode implementation in PHP before 5.2.13 does not properly ...)
- TODO: check
+ - php5 5.3.2-1 (unimportant)
+ NOTE: safe_mode not supported
CVE-2010-1128 (The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not ...)
- TODO: check
+ - php5 5.3.2-1 (low)
+ NOTE: probably no-dsa, but will see what else can be fixed in stable to make an upload
CVE-2010-1127 (Microsoft Internet Explorer 6 and 7 does not initialize certain data ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-1126 (The JavaScript implementation in WebKit allows remote attackers to ...)
More information about the Secure-testing-commits
mailing list