cvs commit: ports/security/vuxml vuln.xml

[Eygene Ryabinkin]

rea         2011-01-13 05:44:53 UTC

  FreeBSD ports repository

  Modified files:
    security/vuxml       vuln.xml 
  Log:
  Split recent PHP entry into multiple ones
  
  Many reasons:
   - some vulnerabilities were present only in the specific
     PHP modules and not in the core PHP;
   - it is better to group vulnerabilities by-topic (DoS, code
     execution, etc);
   - PHAR vulnerability is present only in 5.3.x;
   - extract() vulnerability was fixed both in 5.2 and 5.3:
     http://www.mail-archive.com/php-cvs@lists.php.net/msg47722.html
   - NULL-byte poisoning was fixed only in 5.3, 5.2.x is still
     vulnerable to this design error;
   - DFS-related fixes are not relevant for FreeBSD, since DFS
     is Windows file system that is unsupported by us.
  
  PR: 153433
  Approved by: remko (secteam), erwin (mentor)
  Feature safe: yes
  
  Revision  Changes    Path
  1.2275    +247 -42   ports/security/vuxml/vuln.xml