Author: stef-guest Date: 2005-11-27 19:38:29 +0000 (Sun, 27 Nov 2005) New Revision: 2874 Modified: data/CVE/list Log: php5 issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-11-27 19:35:40 UTC (rev 2873) +++ data/CVE/list 2005-11-27 19:38:29 UTC (rev 2874) @@ -1212,12 +1212,10 @@ - openvpn 2.0.5-1 (bug #336751; medium) CVE-2005-3392 (Unspecified vulnerability in PHP before 4.4.1, when using the virtual ...) - php4 <unfixed> (bug #336645; unknown) - TODO: check PHP5 - NOTE: pinged maintainers + - php5 <unfixed> (bug #336654; unknown) CVE-2005-3391 (Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to ...) - php4 <unfixed> (bug #336645; unknown) - TODO: check PHP5 - NOTE: pinged maintainers + - php5 <unfixed> (bug #336654; unknown) CVE-2005-3390 (The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to ...) - php4 <unfixed> (bug #336645; high) - php5 <unfixed> (bug #336654; high) @@ -2515,7 +2513,7 @@ CVE-2005-2950 (Cross-site scripting (XSS) vulnerability in Sawmill 7.0.0 through ...) NOT-FOR-US: Sawmill CVE-2005-2949 (pam_per_user before 0.4 does not verify if the user name changes ...) - TODO: check + NOT-FOR-US: pam_per_user (not in Debian) CVE-2005-2948 (KillProcess 2.20 and earlier allows local users to bypass kill list ...) NOT-FOR-US: KillProcess CVE-2005-2947 (Buffer overflow in KillProcess 2.20 and earlier allows user-complicit ...)