[Secure-testing-commits] r21444 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Wed Feb 27 08:00:39 UTC 2013
Author: thijs
Date: 2013-02-27 08:00:39 +0000 (Wed, 27 Feb 2013)
New Revision: 21444
Modified:
data/CVE/list
Log:
php issues fixed long ago, thanks Steven Chamberlain
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-02-27 07:50:08 UTC (rev 21443)
+++ data/CVE/list 2013-02-27 08:00:39 UTC (rev 21444)
@@ -33242,7 +33242,7 @@
NOT-FOR-US: Android
CVE-2011-1148 (Use-after-free vulnerability in the substr_replace function in PHP ...)
{DSA-2408-1}
- - php5 <unfixed> (unimportant)
+ - php5 5.4.0-1 (unimportant)
NOTE: only exploitable by malicious scripts
CVE-2011-1147 (Multiple stack-based and heap-based buffer overflows in the (1) ...)
{DSA-2225-1}
@@ -33456,7 +33456,7 @@
[squeeze] - linux-2.6 2.6.32-31
CVE-2011-1092 (Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows ...)
{DSA-2408-1}
- - php5 <unfixed> (unimportant)
+ - php5 5.4.0-1 (unimportant)
NOTE: only exploitable by malicious scripts
NOTE: http://seclists.org/oss-sec/2011/q1/430
CVE-2011-1091 (libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 ...)
More information about the Secure-testing-commits
mailing list