[Secure-testing-commits] r15675 - data/CVE

[Raphael Geissert]

Author: geissert
Date: 2010-12-10 05:03:21 +0000 (Fri, 10 Dec 2010)
New Revision: 15675

Modified:
   data/CVE/list
Log:
php5, phpmyadmin, 2 linux issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-12-09 21:14:28 UTC (rev 15674)
+++ data/CVE/list	2010-12-10 05:03:21 UTC (rev 15675)
@@ -118,6 +118,7 @@
 CVE-2010-4481
 	RESERVED
 CVE-2010-4480 (error.php in PhpMyAdmin 3.3.8.1 and earlier allows remote attackers to ...)
+	- phpmyadmin <unfixed>
 	TODO: check
 CVE-2010-4510
 	REJECTED
@@ -283,9 +284,9 @@
 CVE-2010-4337 [gnash: insecure temp files handling in configure script]
 	RESERVED
 	- gnash <unfixed> (unimportant; bug #605419)
-CVE-2010-XXXX [php and NUL handling on file ops]
+CVE-2006-7243 [php and NUL handling on file ops]
 	- php5 5.3.3-6 (low)
-	NOTE: old, known, issue -- Pierre already requested an id
+	NOTE: old, known, issue -- partial protection by the suhosin extension
 	NOTE: http://svn.php.net/viewvc?view=revision&revision=305507
 CVE-2010-4409 (Integer overflow in the NumberFormatter::getSymbol (aka ...)
 	- php5 5.3.3-6
@@ -441,10 +442,14 @@
 	RESERVED
 CVE-2010-4344
 	RESERVED
-CVE-2010-4343
+CVE-2010-4343 [linux: bfa driver sysfs crash]
 	RESERVED
-CVE-2010-4342
+	- linux-2.6 <unfixed>
+	TODO: check
+CVE-2010-4342 [linux: NULL pointer dereference in AF_ECONET]
 	RESERVED
+	- linux-2.6 <unfixed>
+	TODO: check
 CVE-2010-4341
 	RESERVED
 CVE-2010-4333
@@ -913,6 +918,7 @@
 CVE-2010-4151 (SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly ...)
 	NOT-FOR-US: DeluxeBB
 CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the IMAP ...)
+	- php5 <unfixed>
 	TODO: check
 CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...)
 	- turbogears2 2.0.3-1