Author: geissert Date: 2011-03-23 15:31:57 +0000 (Wed, 23 Mar 2011) New Revision: 16420 Modified: data/CVE/list Log: php5 updates Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-03-23 09:16:19 UTC (rev 16419) +++ data/CVE/list 2011-03-23 15:31:57 UTC (rev 16420) @@ -1,20 +1,25 @@ CVE-2011-1471 (Integer signedness error in zip_stream.c in the Zip extension in PHP ...) - php5 5.3.6-1 CVE-2011-1470 (The Zip extension in PHP before 5.3.6 allows context-dependent ...) - - php5 5.3.6-1 + - php5 5.3.6-1 (unimportant) + NOTE: exploitable by malicious scripts only CVE-2011-1469 (Unspecified vulnerability in the Streams component in PHP before 5.3.6 ...) - - php5 5.3.6-1 + - php5 5.3.6-1 (unimportant) + NOTE: exploitable by malicious scripts only CVE-2011-1468 (Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 ...) - - php5 5.3.6-1 + - php5 5.3.6-1 (unimportant) + NOTE: under normal conditions the amount of memory leaked is insignificant CVE-2011-1467 (Unspecified vulnerability in the NumberFormatter::setSymbol (aka ...) - php5 5.3.6-1 CVE-2011-1466 (Integer overflow in the SdnToJulian function in the Calendar extension ...) - php5 5.3.6-1 + NOTE: null pointer deref because of int overflow. Fix has a bug CVE-2011-1465 (The SPDY implementation in net/http/http_network_transaction.cc in ...) - chromium-browser <undetermined> - webkit <undetermined> CVE-2011-1464 (Buffer overflow in the strval function in PHP before 5.3.6, when the ...) - - php5 5.3.6-1 + - php5 5.3.6-1 (unimportant) + NOTE: ini setting needs to be modified. CVE-2011-1463 RESERVED CVE-2011-1462