The branch, master has been updated
       via  93b17ee20ed413d79e41250f1cc55ae9961f3123 (commit)
      from  b5731f4ca159230c34db6ce111617ca27b1b2867 (commit)

- Log -----------------------------------------------------------------
commit 93b17ee20ed413d79e41250f1cc55ae9961f3123
Author: Marc Delisle marc@infomarc.info
Date: Sun Jul 3 09:58:15 2011 -0400

Clarify vulnerable PHP versions; new CWE ids
-----------------------------------------------------------------------
Summary of changes:
 templates/security/PMASA-2011-5 | 6 +++++-
 templates/security/PMASA-2011-7 | 10 ++++++++--
 2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/templates/security/PMASA-2011-5 b/templates/security/PMASA-2011-5 index 0661593..b21c291 100644 --- a/templates/security/PMASA-2011-5 +++ b/templates/security/PMASA-2011-5 @@ -10,6 +10,10 @@ PMASA-2011-5 2011-07-02 </py:def>
+<py:def function="announcement_updated"> +2011-07-03 +</py:def> + <py:def function="announcement_summary"> Possible session manipulation in Swekey authentication. </py:def> @@ -43,7 +47,7 @@ This issue was found by Frans Pehrson from <a href="http://www.xxor.se">Xxor AB< <!--! CVE ID of the report, this is automatically added to references --> <py:def function="announcement_cve">CVE-2011-2505</py:def>
-<py:def function="announcement_cwe">661</py:def> +<py:def function="announcement_cwe">473 661</py:def>
<py:def function="announcement_commits"> 7ebd958b2bf59f96fecd5b3322bdbd0b244a7967 diff --git a/templates/security/PMASA-2011-7 b/templates/security/PMASA-2011-7 index 6a1aeb6..294d7d7 100644 --- a/templates/security/PMASA-2011-7 +++ b/templates/security/PMASA-2011-7 @@ -10,12 +10,16 @@ PMASA-2011-7 2011-07-02 </py:def>
+<py:def function="announcement_updated"> +2011-07-03 +</py:def> + <py:def function="announcement_summary"> Regular expression quoting issue in Synchronize code. </py:def>
<py:def function="announcement_description"> -Through a possible bug in PHP running on Windows systems a null byte can truncate the pattern string allowing an attacker to inject the /e modifier causing the preg_replace function to execute its second argument as PHP code. +Through a possible bug in PHP, a null byte can truncate the pattern string allowing an attacker to inject the /e modifier causing the preg_replace function to execute its second argument as PHP code. </py:def>
<py:def function="announcement_severity"> @@ -23,7 +27,9 @@ We consider this vulnerability to be serious. </py:def>
<py:def function="announcement_mitigation"> -Only PHP running on Windows has been found to be vulnerable, Linux and OpenBSD are not affected. +All PHP versions that were current at the time of the advisory (5.3.6, +5.2.17) on all OS are vulnerable, unless the Suhosin patch has been +installed. </py:def>
<py:def function="announcement_affected">
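Review bot: In the PMASA-2011-5 hunk at @@ -43,7 +47,7 @@, announcement_cwe changes from a single id (661) to a space-separated pair (473 661). Please confirm that the template code rendering this field splits on whitespace and links each id separately, otherwise the reference will be built from the literal string "473 661". The commit subject says "new CWE ids", yet this is the only CWE change in the diff; if PMASA-2011-7 was meant to get one as well, it is missing here.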
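Review bot: In the PMASA-2011-7 hunk at @@ -10,12 +10,16 @@, the reworded announcement_description still hedges with "a possible bug in PHP", while the mitigation text changed in the same commit states outright that 5.3.6 and 5.2.17 are vulnerable on all OS. Either drop "possible" or say what remains unconfirmed, so the two sections agree. The added announcement_updated date (2011-07-03) also gives readers no hint that the scope widened from Windows-only to every platform; a one-line revision note in the advisory would help administrators who set the first version aside because they run Linux or OpenBSD.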
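Review bot: In the PMASA-2011-7 hunk at @@ -23,7 +27,9 @@, the new announcement_mitigation text describes which PHP versions are affected rather than what an administrator should do, and the one actionable item (the Suhosin patch) appears only in the trailing "unless" clause. Consider stating the mitigation directly and moving the version statement to the description or affected section. "All PHP versions that were current at the time of the advisory (5.3.6, 5.2.17)" also leaves open whether older 5.2.x and 5.3.x releases were tested or are simply assumed vulnerable; please say which.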
hooks/post-receive