Author: jmm Date: 2011-06-10 14:08:31 +0000 (Fri, 10 Jun 2011) New Revision: 16793 Modified: data/CVE/list Log: php updates: one issue not in lenny, one non-issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-06-10 10:16:46 UTC (rev 16792) +++ data/CVE/list 2011-06-10 14:08:31 UTC (rev 16793) @@ -1930,6 +1930,7 @@ NOTE: under normal conditions the amount of memory leaked is insignificant CVE-2011-1467 (Unspecified vulnerability in the NumberFormatter::setSymbol (aka ...) - php5 5.3.6-1 + [lenny] - php5 <not-affected> (intl extension included since 5.3) CVE-2011-1466 (Integer overflow in the SdnToJulian function in the Calendar extension ...) - php5 5.3.6-1 NOTE: null pointer deref because of int overflow. Fix has a bug @@ -2837,7 +2838,8 @@ CVE-2011-1154 (The shred_file function in logrotate.c in logrotate 3.7.9 and earlier ...) - logrotate <unfixed> CVE-2011-1153 (Multiple format string vulnerabilities in phar_object.c in the phar ...) - - php5 5.3.6-1 + - php5 5.3.6-1 (unimportant) + NOTE: only exploitable by malicious scripts CVE-2011-1152 RESERVED CVE-2011-1151