[Secure-testing-commits] r19180 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Wed May 9 08:37:39 UTC 2012
Author: thijs
Date: 2012-05-09 08:37:38 +0000 (Wed, 09 May 2012)
New Revision: 19180
Modified:
data/CVE/list
Log:
php5
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-05-08 21:20:07 UTC (rev 19179)
+++ data/CVE/list 2012-05-09 08:37:38 UTC (rev 19180)
@@ -486,8 +486,11 @@
- nodejs 0.6.17~dfsg1-1
NOTE: http://blog.nodejs.org/2012/05/07/http-server-security-vulnerability-please-upgrade-to-0-6-17/
NOTE: https://github.com/joyent/node/commit/c9a231d
-CVE-2012-2329
+CVE-2012-2329 [buffer overflow vulnerability in the apache_request_headers()]
RESERVED
+ - php5 5.4.3-1
+ [squeeze] - php5 <not-affected> (Vulnerable code not present)
+ NOTE: 5.4.x only
CVE-2012-2328
RESERVED
CVE-2012-2327
@@ -535,7 +538,7 @@
- jbossas4 <not-affected> (Only affects JBoss 7)
CVE-2012-2311 [PHP-CGI query string parameter vulnerability]
RESERVED
- - php5 <unfixed> (bug #671880)
+ - php5 5.4.3-1 (bug #671880)
NOTE: This CVE ID is for the initial incomplete fix for CVE-2012-1823
NOTE: http://www.kb.cert.org/vuls/id/520827
NOTE: http://osvdb.org/show/osvdb/81633
@@ -1698,7 +1701,7 @@
RESERVED
CVE-2012-1823 [PHP-CGI query string parameter vulnerability]
RESERVED
- - php5 <unfixed>
+ - php5 5.4.3-1
NOTE: http://ompldr.org/vZGxxaQ https://bugs.php.net/bug.php?id=61910
NOTE: 5.4.2-1 'fixed' this, but fix is incomplete: CVE-2012-2311
CVE-2012-1822
More information about the Secure-testing-commits
mailing list