Author: stef-guest
Date: 2006-11-03 17:08:47 +0100 (Fri, 03 Nov 2006)
New Revision: 4916
Modified:
data/CVE/list
data/DSA/list
Log:
- php5 fixed
- wordpress fixed
- another DSA
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-11-03 08:14:24 UTC (rev 4915)
+++ data/CVE/list 2006-11-03 16:08:47 UTC (rev 4916)
@@ -382,7 +382,7 @@
CVE-2006-5465 [php htmlentities() and htmlspecialchars() buffer overflow]
RESERVED
- php4 <unfixed> (high; bug #396764)
- - php5 <unfixed> (high; bug #396766)
+ - php5 5.1.6-6 (high; bug #396766)
CVE-2006-5464
RESERVED
CVE-2006-5463
@@ -3149,7 +3149,7 @@
CVE-2006-4209 (PHP remote file inclusion vulnerability in install3.php in
WEBInsta ...)
NOT-FOR-US: WEBInsta Mailing List Manager
CVE-2006-4208 (Directory traversal vulnerability in wp-db-backup.php in Skippy
...)
- - wordpress <unfixed> (unimportant; bug #384800)
+ - wordpress 2.0.5-0.1 (unimportant; bug #384800)
NOTE: Only exploitable by admin users, someone with the privilege to backup
NOTE: your data must be trustworthy
CVE-2006-4207 (Multiple PHP remote file inclusion vulnerabilities in Bob Jewell
...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-11-03 08:14:24 UTC (rev 4915)
+++ data/DSA/list 2006-11-03 16:08:47 UTC (rev 4916)
@@ -1,3 +1,6 @@
+[02 Nov 2006] DSA-1205-1 thttpd - insecure temporary files
+ {CVE-2006-4248}
+ [sarge] - thttpd 2.23beta1-3sarge2
[02 Nov 2006] DSA-1204-1 ingo1
{CVE-2006-5449}
[sarge] - ingo1 1.0.1-1sarge1