Author: fw Date: 2007-04-27 18:35:30 +0000 (Fri, 27 Apr 2007) New Revision: 5744 Modified: data/CVE/list Log: CVE-2007-0911: our php5 is not affected, so don''t claim it is Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-04-26 21:31:44 UTC (rev 5743) +++ data/CVE/list 2007-04-27 18:35:30 UTC (rev 5744) @@ -3369,8 +3369,8 @@ CVE-2007-0912 (Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php ...) NOT-FOR-US: JPortal CVE-2007-0911 (Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow ...) - - php5 <unfixed> (bug #410561; bug #410995; medium) - [etch] - php5 <not-affected> (A regression only affecting 5.2.1) + - php5 <not-affected> (A regression only affecting 5.2.1) + TODO: - php5 <unfixed> (bug #410561; bug #410995; medium) NOTE: this is a regression in the 5.2.1 release which is not yet uploaded. NOTE: so we should just make sure we patch 5.2.1. Leaving open in the NOTE: meantime, so we don''t forget about it.