[Secure-testing-commits] r15675 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Fri Dec 10 05:03:22 UTC 2010
Author: geissert
Date: 2010-12-10 05:03:21 +0000 (Fri, 10 Dec 2010)
New Revision: 15675
Modified:
data/CVE/list
Log:
php5, phpmyadmin, 2 linux issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-12-09 21:14:28 UTC (rev 15674)
+++ data/CVE/list 2010-12-10 05:03:21 UTC (rev 15675)
@@ -118,6 +118,7 @@
CVE-2010-4481
RESERVED
CVE-2010-4480 (error.php in PhpMyAdmin 3.3.8.1 and earlier allows remote attackers to ...)
+ - phpmyadmin <unfixed>
TODO: check
CVE-2010-4510
REJECTED
@@ -283,9 +284,9 @@
CVE-2010-4337 [gnash: insecure temp files handling in configure script]
RESERVED
- gnash <unfixed> (unimportant; bug #605419)
-CVE-2010-XXXX [php and NUL handling on file ops]
+CVE-2006-7243 [php and NUL handling on file ops]
- php5 5.3.3-6 (low)
- NOTE: old, known, issue -- Pierre already requested an id
+ NOTE: old, known, issue -- partial protection by the suhosin extension
NOTE: http://svn.php.net/viewvc?view=revision&revision=305507
CVE-2010-4409 (Integer overflow in the NumberFormatter::getSymbol (aka ...)
- php5 5.3.3-6
@@ -441,10 +442,14 @@
RESERVED
CVE-2010-4344
RESERVED
-CVE-2010-4343
+CVE-2010-4343 [linux: bfa driver sysfs crash]
RESERVED
-CVE-2010-4342
+ - linux-2.6 <unfixed>
+ TODO: check
+CVE-2010-4342 [linux: NULL pointer dereference in AF_ECONET]
RESERVED
+ - linux-2.6 <unfixed>
+ TODO: check
CVE-2010-4341
RESERVED
CVE-2010-4333
@@ -913,6 +918,7 @@
CVE-2010-4151 (SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly ...)
NOT-FOR-US: DeluxeBB
CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the IMAP ...)
+ - php5 <unfixed>
TODO: check
CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...)
- turbogears2 2.0.3-1
More information about the Secure-testing-commits
mailing list