seanius at alioth.debian.org
2007-Sep-19 22:07 UTC
[Secure-testing-commits] r6648 - data/CVE
Author: seanius Date: 2007-09-19 22:07:52 +0000 (Wed, 19 Sep 2007) New Revision: 6648 Modified: data/CVE/list Log: add note to point out fixes for the two php/oldstable vulns are now in svn Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-09-19 21:28:29 UTC (rev 6647) +++ data/CVE/list 2007-09-19 22:07:52 UTC (rev 6648) @@ -712,7 +712,7 @@ CVE-2007-4657 (Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before ...) - php5 <unfixed> - php4 <removed> - NOTE: fixed in php5/etch svn + NOTE: fixed in php5/etch, php4/sarge svn CVE-2007-4656 (backup-manager-upload in Backup Manager before 0.6.3 provides the FTP ...) - backup-manager 0.7.6-3 (bug #439392) CVE-2007-4655 (Multiple directory traversal vulnerabilities in CGI RESCUE Shopping ...) @@ -2609,7 +2609,7 @@ NOTE: also may not work if other cookie values are set. NOTE: fix sneaked into php 5.2.3 sans-mention: NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.417.2.8.2.36&r2=1.417.2.8.2.37&pathrev=PHP_5_2 - NOTE: fixed in php5/etch svn + NOTE: fixed in php5/etch, php4/sarge svn - php4 <unfixed> (low) - php5 <unfixed> (low; bug #441433) CVE-2007-3798 (Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 ...)