Author: carnil Date: 2015-11-08 06:37:49 +0000 (Sun, 08 Nov 2015) New Revision: 37611
Modified: data/CVE/list Log: Update note for CVE-2014-5459 Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-11-07 22:32:48 UTC (rev 37610) +++ data/CVE/list 2015-11-08 06:37:49 UTC (rev 37611) @@ -33949,10 +33949,12 @@ - ntopng 1.2.1+dfsg1-1 (bug #760990) NOTE: http://seclists.org/fulldisclosure/2014/Aug/65 CVE-2014-5459 (The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows ...) - - php5 <unfixed> (low; bug #759282) + - php5 <unfixed> (low; bug #682157; bug #759282) [jessie] - php5 <no-dsa> (Minor issue) [wheezy] - php5 <no-dsa> (Minor issue) [squeeze] - php5 <no-dsa> (Minor issue) + NOTE: Although #682157 and #759282 got closed the issues with unsafe use of + NOTE: /tmp are not yet resolved, cf. https://bugs.debian.org/682157#36 CVE-2014-5450 RESERVED - zarafa <itp> (bug #658433) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits