Author: jmm-guest
Date: 2007-05-20 20:55:07 +0000 (Sun, 20 May 2007)
New Revision: 5890

Modified:
   data/CVE/list
Log:
two php issues don't affect us, as the extension are not built


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-05-20 19:19:45 UTC (rev 5889)
+++ data/CVE/list       2007-05-20 20:55:07 UTC (rev 5890)
@@ -2857,7 +2857,7 @@
        {DSA-1283-1}
        - php5 5.2.0-11 (medium)
 CVE-2007-1452 (The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not 
implement ...)
-       - php5 <unfixed> (low)
+       - php5 <not-affected> (cpdf extension not enabled in binary build)
 CVE-2007-1451 (GuppY 4.0 allows remote attackers to delete arbitrary files via 
a ...)
        NOT-FOR-US: GuppY
 CVE-2007-1450 (SQL injection vulnerability in mainfile.php in PHP-Nuke 8.0 and 
...)
@@ -2970,8 +2970,8 @@
        - php5 <unfixed> (unimportant)
        NOTE: Only triggerable by malicious script
 CVE-2007-1412 (The cpdf_open function in the ClibPDF (cpdf) extension in PHP 
4.4.6 ...)
-       - php4 <unfixed>
-       - php5 <unfixed>
+       - php4 <not-affected> (cpdf extension not enabled in binary build)
+       - php5 <not-affected> (cpdf extension not enabled in binary build)
 CVE-2007-1411 (Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 
...)
        TODO: check
        NOTE: Haven't been able to reproduce the issue in either php4 or php5


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to