ports/128956: [patch] [vuxml] multiple vulnerabilities in PHP 5.2.6

Steven M. Christey coley at linus.mitre.org
Tue Nov 18 07:55:45 PST 2008


On Tue, 18 Nov 2008, Eygene Ryabinkin wrote:

> Steven, CVE-supporters, good day.
>
> Today I was submitted FreeBSD's VuXML entry for CVE-2008-3659 and it
> seem to be errorneously saying about "PHP 5.6".  Could you please try to
> follow the discuission and say something about the entry's description
> text?

It's pretty clear that the description was a typo.  It doesn't follow our
typical CVE description style of escalating versions when we list version
ranges.  Most likely I introduced this typo in the original description.

I've internally changed it to "5.x through 5.2.6."  This will show up on
the public CVE web site within a day or two.

Thank you for informing us!

- Steve


More information about the freebsd-security mailing list