Author: geissert Date: 2009-12-17 19:34:39 +0000 (Thu, 17 Dec 2009) New Revision: 13588 Modified: data/CVE/list Log: requested CVEs for php issues there are more issues but this is tiresome, will wait until they get CVE ids before adding them Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-12-17 18:39:59 UTC (rev 13587) +++ data/CVE/list 2009-12-17 19:34:39 UTC (rev 13588) @@ -1,17 +1,19 @@ -CVE-2009-XXXX [php5 uksort interruption memory corruption] +CVE-2009-XXXX [php5 uksort() interruption memory corruption] - php5 <unfixed> (low) - NOTE: fixed by upstream at a different moment, it''s probably - NOTE: going to get a separate CVE - TODO: request CVE + NOTE: CVE requested CVE-2009-XXXX [php5 usort interruption memory corruption] - php5 5.2.11.dfsg.1-1 (low) TODO: protection was weak in .11, re-check .12 changes - TODO: request CVE + NOTE: CVE requested NOTE: from "Shocking News in PHP Exploitation" by Stefan Esser CVE-2009-XXXX [php5 explode() information leak] - php5 5.2.11.dfsg.1-1 (low) - TODO: request CVE + NOTE: CVE requested NOTE: from "Shocking News in PHP Exploitation" by Stefan Esser +CVE-2009-XXXX [php5 serialize() information leak] + - php5 5.2.11.dfsg.1-1 (low) + NOTE: CVE requested + NOTE: from "Shocking News in PHP Exploitation" by Stefan Esser CVE-2010-0065 RESERVED CVE-2010-0064