Author: stef-guest
Date: 2005-11-27 19:38:29 +0000 (Sun, 27 Nov 2005)
New Revision: 2874
Modified:
data/CVE/list
Log:
php5 issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-11-27 19:35:40 UTC (rev 2873)
+++ data/CVE/list 2005-11-27 19:38:29 UTC (rev 2874)
@@ -1212,12 +1212,10 @@
- openvpn 2.0.5-1 (bug #336751; medium)
CVE-2005-3392 (Unspecified vulnerability in PHP before 4.4.1, when using the
virtual ...)
- php4 <unfixed> (bug #336645; unknown)
- TODO: check PHP5
- NOTE: pinged maintainers
+ - php5 <unfixed> (bug #336654; unknown)
CVE-2005-3391 (Multiple vulnerabilities in PHP before 4.4.1 allow remote
attackers to ...)
- php4 <unfixed> (bug #336645; unknown)
- TODO: check PHP5
- NOTE: pinged maintainers
+ - php5 <unfixed> (bug #336654; unknown)
CVE-2005-3390 (The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x
up to ...)
- php4 <unfixed> (bug #336645; high)
- php5 <unfixed> (bug #336654; high)
@@ -2515,7 +2513,7 @@
CVE-2005-2950 (Cross-site scripting (XSS) vulnerability in Sawmill 7.0.0
through ...)
NOT-FOR-US: Sawmill
CVE-2005-2949 (pam_per_user before 0.4 does not verify if the user name
changes ...)
- TODO: check
+ NOT-FOR-US: pam_per_user (not in Debian)
CVE-2005-2948 (KillProcess 2.20 and earlier allows local users to bypass kill
list ...)
NOT-FOR-US: KillProcess
CVE-2005-2947 (Buffer overflow in KillProcess 2.20 and earlier allows
user-complicit ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
