Author: thijs Date: 2012-05-09 08:37:38 +0000 (Wed, 09 May 2012) New Revision: 19180 Modified: data/CVE/list Log: php5 Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-05-08 21:20:07 UTC (rev 19179) +++ data/CVE/list 2012-05-09 08:37:38 UTC (rev 19180) @@ -486,8 +486,11 @@ - nodejs 0.6.17~dfsg1-1 NOTE: http://blog.nodejs.org/2012/05/07/http-server-security-vulnerability-please-upgrade-to-0-6-17/ NOTE: https://github.com/joyent/node/commit/c9a231d -CVE-2012-2329 +CVE-2012-2329 [buffer overflow vulnerability in the apache_request_headers()] RESERVED + - php5 5.4.3-1 + [squeeze] - php5 <not-affected> (Vulnerable code not present) + NOTE: 5.4.x only CVE-2012-2328 RESERVED CVE-2012-2327 @@ -535,7 +538,7 @@ - jbossas4 <not-affected> (Only affects JBoss 7) CVE-2012-2311 [PHP-CGI query string parameter vulnerability] RESERVED - - php5 <unfixed> (bug #671880) + - php5 5.4.3-1 (bug #671880) NOTE: This CVE ID is for the initial incomplete fix for CVE-2012-1823 NOTE: http://www.kb.cert.org/vuls/id/520827 NOTE: http://osvdb.org/show/osvdb/81633 @@ -1698,7 +1701,7 @@ RESERVED CVE-2012-1823 [PHP-CGI query string parameter vulnerability] RESERVED - - php5 <unfixed> + - php5 5.4.3-1 NOTE: http://ompldr.org/vZGxxaQ https://bugs.php.net/bug.php?id=61910 NOTE: 5.4.2-1 ''fixed'' this, but fix is incomplete: CVE-2012-2311 CVE-2012-1822