[Secure-testing-commits] r16793 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Jun 10 14:08:32 UTC 2011
Author: jmm
Date: 2011-06-10 14:08:31 +0000 (Fri, 10 Jun 2011)
New Revision: 16793
Modified:
data/CVE/list
Log:
php updates: one issue not in lenny, one non-issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-06-10 10:16:46 UTC (rev 16792)
+++ data/CVE/list 2011-06-10 14:08:31 UTC (rev 16793)
@@ -1930,6 +1930,7 @@
NOTE: under normal conditions the amount of memory leaked is insignificant
CVE-2011-1467 (Unspecified vulnerability in the NumberFormatter::setSymbol (aka ...)
- php5 5.3.6-1
+ [lenny] - php5 <not-affected> (intl extension included since 5.3)
CVE-2011-1466 (Integer overflow in the SdnToJulian function in the Calendar extension ...)
- php5 5.3.6-1
NOTE: null pointer deref because of int overflow. Fix has a bug
@@ -2837,7 +2838,8 @@
CVE-2011-1154 (The shred_file function in logrotate.c in logrotate 3.7.9 and earlier ...)
- logrotate <unfixed>
CVE-2011-1153 (Multiple format string vulnerabilities in phar_object.c in the phar ...)
- - php5 5.3.6-1
+ - php5 5.3.6-1 (unimportant)
+ NOTE: only exploitable by malicious scripts
CVE-2011-1152
RESERVED
CVE-2011-1151
More information about the Secure-testing-commits
mailing list