diff options
author | Thijs Kinkhorst <thijs@debian.org> | 2009-04-30 14:46:31 +0000 |
---|---|---|
committer | Thijs Kinkhorst <thijs@debian.org> | 2009-04-30 14:46:31 +0000 |
commit | 5bc612924330c1f0feabdba2248f8e9e99c6b429 (patch) | |
tree | 7ebd6f02b8fec1412ea231db73086c909dc70001 /data | |
parent | 611da73be9d538e4517234dbde04e4e6356862a5 (diff) |
updates for php5 issues, based on Sean's info
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@11745 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 2 | ||||
-rw-r--r-- | data/DTSA/list | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index 4b49a8801d..4b504ff363 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -648,6 +648,7 @@ CVE-2009-1273 (pam_ssh 1.92 and possibly other versions, as used when PAM is com - pam <not-affected> (we don't compile pam with USE=ssh) CVE-2009-1272 (The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x ...) - php5 5.2.6.dfsg.1-3 + [etch] - php5 <not-affected> (this is caused by the fix for CVE-2008-5658, which was not applied to php4) - php4 <not-affected> (this is caused by the fix for CVE-2008-5658, which was not applied to php4) CVE-2009-1271 (The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before ...) {DSA-1775-1} @@ -12842,6 +12843,7 @@ CVE-2008-2830 (Open Scripting Architecture in Apple Mac OS X 10.4.11 and 10.5.4, CVE-2008-2829 (php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete ...) {DTSA-144-1} - php5 5.2.6-2 (low) + [etch] - php5 <no-dsa> (Fix not feasible for etch, low priority issue) NOTE: the fix sent to t-s and unstable does not seem possible in etch due to NOTE: missing api features from the version of libc-client in etch. CVE-2008-2826 (Integer overflow in the sctp_getsockopt_local_addrs_old function in ...) diff --git a/data/DTSA/list b/data/DTSA/list index 24ca23bb9a..cfd4e63309 100644 --- a/data/DTSA/list +++ b/data/DTSA/list @@ -561,7 +561,7 @@ {CVE-2009-0260 CVE-2009-0312} [lenny] - moin 1.7.1-3+lenny1 [January 28th, 2009] DTSA-188-1 php5 - several vulnerabilities - {CVE-2008-5658 CVE-2008-5557 CVE-2008-5624} + {CVE-2008-5658 CVE-2008-5557 CVE-2008-5624 CVE-2009-1272} [lenny] - php5 5.2.6.dfsg.1-1+lenny2 [February 1st, 2009] DTSA-189-1 avahi - denial of service {CVE-2008-5081} |