Author: jmm-guest Date: 2010-11-18 21:15:11 +0000 (Thu, 18 Nov 2010) New Revision: 15604 Modified: data/CVE/list Log: php5 fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-11-18 21:14:08 UTC (rev 15603) +++ data/CVE/list 2010-11-18 21:15:11 UTC (rev 15604) @@ -240,7 +240,7 @@ CVE-2010-4159 RESERVED CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through ...) - - php5 <unfixed> (bug #603751) + - php5 5.3.3-4 (bug #603751) [lenny] - php5 <not-affected> (Only affects 5.3.x) CVE-2010-4155 (Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 ...) NOT-FOR-US: eXV2 CMS @@ -909,7 +909,7 @@ - mahara <not-affected> (Vulnerable feature introduced in 1.3) TODO: File was introduced after 1.2.6, so check that next sid version is at least 1.3.3 or higher CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...) - - php5 <unfixed> (bug #603751) + - php5 5.3.3-4 (bug #603751) CVE-2010-3869 RESERVED CVE-2010-3868 @@ -1314,7 +1314,7 @@ CVE-2010-3710 (Stack consumption vulnerability in the filter_var function in PHP ...) - php5 5.3.3-3 (bug #601619) CVE-2010-3709 (The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 ...) - - php5 <unfixed> (bug #603751) + - php5 5.3.3-4 (bug #603751) CVE-2010-3708 RESERVED CVE-2010-3707 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and ...) @@ -2033,7 +2033,7 @@ CVE-2010-3437 (Integer signedness error in the pkt_find_dev_from_minor function in ...) - linux-2.6 2.6.32-25 CVE-2010-3436 (fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote ...) - - php5 <unfixed> (unimportant) + - php5 5.3.3-4 (unimportant) NOTE: http://svn.php.net/viewvc?view=revision&revision=303824 CVE-2010-3435 RESERVED