Subject: r5831 - data/CVE Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Author: seanius Date: 2007-05-13 15:40:34 +0000 (Sun, 13 May 2007) New Revision: 5831 Modified: data/CVE/list Log: notes for latest php cves. patch pending for 2509 Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-13 11:56:55 UTC (rev 5830) +++ data/CVE/list 2007-05-13 15:40:34 UTC (rev 5831) @@ -155,11 +155,23 @@ CVE-2007-2512 RESERVED CVE-2007-2511 (Buffer overflow in the user_filter_factory_create function in PHP ...) - TODO: check + [sarge] - php4 <not-affected> + [etch] - php4 <not-affected> + [etch] - php5 <unfixed> (low) + - php5 <5.2.2-1> + - php4 <4.4.7-1> CVE-2007-2510 (Buffer overflow in the make_http_soap_request function in PHP before ...) - TODO: check + [sarge] - php4 <not-affected> + [etch] - php4 <not-affected> + [etch] - php5 <unfixed> (low) + - php5 <5.2.2-1> + - php4 <4.4.7-1> CVE-2007-2509 (CRLF injection vulnerability in the ftp_putcmd function in PHP before ...) - TODO: check + [sarge] - php4 <unfixed> (low) + [etch] - php4 <unfixed> (low) + [etch] - php5 <unfixed> (low) + - php5 <5.2.2-1> + - php4 <4.4.7-1> CVE-2007-2508 (Multiple stack-based buffer overflows in Trend Micro ServerProtect ...) TODO: check CVE-2007-2507 (Directory traversal vulnerability in includes/download.php in Treble ...)