cvs commit: ports/security/vuxml vuln.xml
Eygene Ryabinkin
rea at FreeBSD.org
Thu Jan 13 05:44:54 UTC 2011
rea 2011-01-13 05:44:53 UTC
FreeBSD ports repository
Modified files:
security/vuxml vuln.xml
Log:
Split recent PHP entry into multiple ones
Many reasons:
- some vulnerabilities were present only in the specific
PHP modules and not in the core PHP;
- it is better to group vulnerabilities by-topic (DoS, code
execution, etc);
- PHAR vulnerability is present only in 5.3.x;
- extract() vulnerability was fixed both in 5.2 and 5.3:
http://www.mail-archive.com/php-cvs@lists.php.net/msg47722.html
- NULL-byte poisoning was fixed only in 5.3, 5.2.x is still
vulnerable to this design error;
- DFS-related fixes are not relevant for FreeBSD, since DFS
is Windows file system that is unsupported by us.
PR: 153433
Approved by: remko (secteam), erwin (mentor)
Feature safe: yes
Revision Changes Path
1.2275 +247 -42 ports/security/vuxml/vuln.xml
More information about the cvs-all
mailing list