Author: nion
Date: 2007-10-07 08:00:44 +0000 (Sun, 07 Oct 2007)
New Revision: 6845
Modified:
data/CVE/list
Log:
php4 was removed
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-10-07 07:59:02 UTC (rev 6844)
+++ data/CVE/list 2007-10-07 08:00:44 UTC (rev 6845)
@@ -2749,7 +2749,8 @@
CVE-2007-3998 (The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before
5.2.4, ...)
{DTSA-61-1}
- php5 5.2.4-1 (low)
- - php4 <unfixed> (low)
+ - php4 <removed> (low)
+ NOTE: this applies to php4 as well
NOTE: i think it is medium since it can be easily used to DoS on shared
hosting systems
NOTE: a diff between 5.2.3 (debian) and 5.2.4 (upstream) of
ext/standard/string.c
NOTE: so maybe this is already fixed in 5.2.3, not sure