Author: geissert Date: 2010-12-10 05:03:21 +0000 (Fri, 10 Dec 2010) New Revision: 15675 Modified: data/CVE/list Log: php5, phpmyadmin, 2 linux issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-12-09 21:14:28 UTC (rev 15674) +++ data/CVE/list 2010-12-10 05:03:21 UTC (rev 15675) @@ -118,6 +118,7 @@ CVE-2010-4481 RESERVED CVE-2010-4480 (error.php in PhpMyAdmin 3.3.8.1 and earlier allows remote attackers to ...) + - phpmyadmin <unfixed> TODO: check CVE-2010-4510 REJECTED @@ -283,9 +284,9 @@ CVE-2010-4337 [gnash: insecure temp files handling in configure script] RESERVED - gnash <unfixed> (unimportant; bug #605419) -CVE-2010-XXXX [php and NUL handling on file ops] +CVE-2006-7243 [php and NUL handling on file ops] - php5 5.3.3-6 (low) - NOTE: old, known, issue -- Pierre already requested an id + NOTE: old, known, issue -- partial protection by the suhosin extension NOTE: http://svn.php.net/viewvc?view=revision&revision=305507 CVE-2010-4409 (Integer overflow in the NumberFormatter::getSymbol (aka ...) - php5 5.3.3-6 @@ -441,10 +442,14 @@ RESERVED CVE-2010-4344 RESERVED -CVE-2010-4343 +CVE-2010-4343 [linux: bfa driver sysfs crash] RESERVED -CVE-2010-4342 + - linux-2.6 <unfixed> + TODO: check +CVE-2010-4342 [linux: NULL pointer dereference in AF_ECONET] RESERVED + - linux-2.6 <unfixed> + TODO: check CVE-2010-4341 RESERVED CVE-2010-4333 @@ -913,6 +918,7 @@ CVE-2010-4151 (SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly ...) NOT-FOR-US: DeluxeBB CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the IMAP ...) + - php5 <unfixed> TODO: check CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...) - turbogears2 2.0.3-1