atomo64-guest at alioth.debian.org
2009-Jan-28 18:22 UTC
[Secure-testing-commits] r11079 - data/CVE
Author: atomo64-guest Date: 2009-01-28 18:22:50 +0000 (Wed, 28 Jan 2009) New Revision: 11079 Modified: data/CVE/list Log: php5 issues update/cleanup Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-01-28 17:58:55 UTC (rev 11078) +++ data/CVE/list 2009-01-28 18:22:50 UTC (rev 11079) @@ -869,7 +869,7 @@ CVE-2008-5814 (Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and ...) - php5 <unfixed> (low) TODO: check php4 - NOTE: status is unclear, further investigation is needed + NOTE: there''s not enough information available, no known bug, no known fix CVE-2008-5813 (SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before ...) NOT-FOR-US: SPIP CVE-2008-5812 (Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 ...) @@ -1990,8 +1990,6 @@ - rsyslog 3.18.6-1 (bug #508027) CVE-2008-5624 (PHP 5 before 5.2.7 does not properly initialize the page_uid and ...) - php5 5.2.6.dfsg.1-1 (bug #508021) - NOTE: Fixed in php 5.2.7, not yet in the archive - NOTE: http://securityreason.com/achievement_securityalert/59 TODO: check php4 CVE-2008-5660 (Format string vulnerability in the vinagre_utils_show_error function ...) - vinagre 0.5.1-2