Author: geissert Date: 2010-04-05 05:00:38 +0000 (Mon, 05 Apr 2010) New Revision: 14403 Modified: data/CVE/list Log: php issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-04-05 02:11:55 UTC (rev 14402) +++ data/CVE/list 2010-04-05 05:00:38 UTC (rev 14403) @@ -263,11 +263,14 @@ - qt4-x11 <undetermined> (unimportant) NOTE: browser crashes are not considered security-relevant CVE-2010-1130 (session.c in the session extension in PHP before 5.2.13, and 5.3.1, ...) - TODO: check + - php5 5.3.2-1 (unimportant) + NOTE: open_basedir not supported CVE-2010-1129 (The safe_mode implementation in PHP before 5.2.13 does not properly ...) - TODO: check + - php5 5.3.2-1 (unimportant) + NOTE: safe_mode not supported CVE-2010-1128 (The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not ...) - TODO: check + - php5 5.3.2-1 (low) + NOTE: probably no-dsa, but will see what else can be fixed in stable to make an upload CVE-2010-1127 (Microsoft Internet Explorer 6 and 7 does not initialize certain data ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2010-1126 (The JavaScript implementation in WebKit allows remote attackers to ...)