Author: geissert Date: 2009-10-03 20:23:08 +0000 (Sat, 03 Oct 2009) New Revision: 12931 Modified: data/CVE/list Log: php''s pear symlinks vuln Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-10-03 17:08:07 UTC (rev 12930) +++ data/CVE/list 2009-10-03 20:23:08 UTC (rev 12931) @@ -1,3 +1,8 @@ +CVE-2009-XXXX [php5''s pear is vulnerable to symlink attacks] + - php5 <unfixed> (low; bug #546164) + NOTE: side-effect reported to upstream: http://bugs.php.net/44354 + NOTE: but they apparently only fixed the issue at build time + NOTE: needs re-testing, as I don''t remember the test conditions CVE-2009-3543 NOT-FOR-US: Phenotype CMS CVE-2009-3542