new php-net-ping issue

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@13363 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Raphael Geissert <geissert@debian.org> 2009-11-24 05:16:58 +0000
committer: Raphael Geissert <geissert@debian.org> 2009-11-24 05:16:58 +0000
commit: 0df151a9092688e28c1675a8af08c8a8639ef756 (patch)
tree: 35071d2d94f86556279da40a652a0cbd9891084c /data
parent: d013be66be143398f97935cbf042e32957cca79d (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 5b30316880..7f2ae44933 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,9 @@
+CVE-2009-XXXX [Net_Ping PEAR module argument injection]
+	- php-net-ping <unfixed>
+	TODO: check
+	NOTE: http://pear.php.net/advisory20091114-01.txt
+	NOTE: the fix by upstream should be double checked,
+	NOTE: escapeshellcmd might not be the most appropriate function either
 CVE-2009-4046 (Multiple SQL injection vulnerabilities in FrontAccounting (FA) 2.2.x ...)
 	NOT-FOR-US: FrontAccounting
 CVE-2009-4045 (Multiple SQL injection vulnerabilities in FrontAccounting (FA) before ...)
author	Raphael Geissert <geissert@debian.org>	2009-11-24 05:16:58 +0000
committer	Raphael Geissert <geissert@debian.org>	2009-11-24 05:16:58 +0000
commit	0df151a9092688e28c1675a8af08c8a8639ef756 (patch)
tree	35071d2d94f86556279da40a652a0cbd9891084c /data
parent	d013be66be143398f97935cbf042e32957cca79d (diff)