atomo64-guest at alioth.debian.org
2008-Dec-05 03:31 UTC
[Secure-testing-commits] r10623 - in data: . CVE
Author: atomo64-guest Date: 2008-12-05 03:31:20 +0000 (Fri, 05 Dec 2008) New Revision: 10623 Modified: data/CVE/list data/embedded-code-copies Log: New php issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-04 21:41:46 UTC (rev 10622) +++ data/CVE/list 2008-12-05 03:31:20 UTC (rev 10623) @@ -1,3 +1,6 @@ +CVE-2008-XXXX [php5/ext/zip: ZipArchive::extractTo() Directory Traversal Vulnerability] + - php5 <unfixed> (bug #507857) + - php4 <unfixed> CVE-2008-5323 (Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg ...) NOT-FOR-US: Wysi Wiki Wyg CVE-2008-5322 (Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information ...) Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2008-12-04 21:41:46 UTC (rev 10622) +++ data/embedded-code-copies 2008-12-05 03:31:20 UTC (rev 10623) @@ -684,3 +684,6 @@ harfbuzz - qt4-x11 <unfixed> (embed) + +libzip + - php5 <unfixed> (fork)