[Secure-testing-commits] r16793 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Jun 10 14:08:32 UTC 2011


Author: jmm
Date: 2011-06-10 14:08:31 +0000 (Fri, 10 Jun 2011)
New Revision: 16793

Modified:
   data/CVE/list
Log:
php updates: one issue not in lenny, one non-issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-06-10 10:16:46 UTC (rev 16792)
+++ data/CVE/list	2011-06-10 14:08:31 UTC (rev 16793)
@@ -1930,6 +1930,7 @@
 	NOTE: under normal conditions the amount of memory leaked is insignificant
 CVE-2011-1467 (Unspecified vulnerability in the NumberFormatter::setSymbol (aka ...)
 	- php5 5.3.6-1
+	[lenny] - php5 <not-affected> (intl extension included since 5.3)
 CVE-2011-1466 (Integer overflow in the SdnToJulian function in the Calendar extension ...)
 	- php5 5.3.6-1
 	NOTE: null pointer deref because of int overflow. Fix has a bug
@@ -2837,7 +2838,8 @@
 CVE-2011-1154 (The shred_file function in logrotate.c in logrotate 3.7.9 and earlier ...)
 	- logrotate <unfixed>
 CVE-2011-1153 (Multiple format string vulnerabilities in phar_object.c in the phar ...)
-	- php5 5.3.6-1
+	- php5 5.3.6-1 (unimportant)
+	NOTE: only exploitable by malicious scripts
 CVE-2011-1152
 	RESERVED
 CVE-2011-1151




More information about the Secure-testing-commits mailing list