Month of PHP security May 2010 status file

001: CVE-2007-1581; Only triggerable by malicious script
002: External app not in Debian: Campsite
003: CVE-2010-1866; Should be fixed for Squeeze, doesn't affect Lenny (5.3 only)
004: External app not in Debian: ClanSphere
005: External app not in Debian: ClanSphere
006: CVE-2010-1864; Only triggerable by malicious script
007: External app not in Debian: ClanTiger
008: CVE-2010-1862; Only triggerable by malicious script
009: CVE-2010-1861; Only triggerable by malicious script
010: CVE-2010-1860; Only triggerable by malicious script
011: External app not in Debian: DeluxeBB
012: CVE-2010-1868; Only triggerable by malicious script
013: CVE-2010-1868; Only triggerable by malicious script
014: CVE-2010-1914; Only triggerable by malicious script
015: CVE-2010-1914; Only triggerable by malicious script
016: CVE-2010-1914; Only triggerable by malicious script
017: CVE-2010-1915; Only triggerable by malicious script
018: External app not in Debian: EFront
019: CVE-2010-1916; Serendipity, doesn't affect Lenny (1.4 onwards), pinged Thijs
020: CVE-2010-1916; External app; xinha, Just an ITP: #479708, there are embedders
021: CVE-2010-1917; PHP fnmatch() Stack Exhaustion Vulnerability
022: CVE-2010-2093; Only triggerable by malicious script
023: no CVE yet; Cacti, pinged Sean Finney
024: CVE-2010-2094; Doesn't affect Lenny, extension is new enough not to have (code) users other than PEAR
025: CVE-2010-2094; Doesn't affect Lenny, extension is new enough not to have (code) users other than PEAR
026: CVE-2010-2094; Doesn't affect Lenny, extension is new enough not to have (code) users other than PEAR
027: CVE-2010-2094; Doesn't affect Lenny, extension is new enough not to have (code) users other than PEAR
028: CVE-2010-2094; Doesn't affect Lenny, extension is new enough not to have (code) users other than PEAR
029: External app not in Debian: CMSQLITE
030: External app not in Debian: CMSQLITE
031: External app not in Debian: e107
032: CVE-2010-2097; Only triggerable by malicious script
033: CVE-2010-2097; Only triggerable by malicious script
034: CVE-2010-2097; Only triggerable by malicious script
035: External app not in Debian: e107
036: CVE-2010-2100; Only triggerable by malicious script
037: CVE-2010-2100; Only triggerable by malicious script
038: CVE-2010-2100; Only triggerable by malicious script
039: CVE-2010-2100; Only triggerable by malicious script
040: CVE-2010-2100; Only triggerable by malicious script
041: CVE-2010-2101; Only triggerable by malicious script
042: CVE-2010-2101; Only triggerable by malicious script
043: CVE-2010-2101; Only triggerable by malicious script
044: CVE-2010-2101; Only triggerable by malicious script
045: CVE-2010-2101; Only triggerable by malicious script
046: CVE-2010-2101; Only triggerable by malicious script
047: CVE-2010-2190; Only triggerable by malicious script
048: CVE-2010-2190; Only triggerable by malicious script
049: CVE-2010-2191; Only triggerable by malicious script
050: CVE-2010-2191; Only triggerable by malicious script
051: CVE-2010-2191; Only triggerable by malicious script
052: CVE-2010-2191; Only triggerable by malicious script
053: CVE-2010-2191; Only triggerable by malicious script
054: CVE-2010-2191; Only triggerable by malicious script
055: CVE-2010-2191; Only triggerable by malicious script
056: CVE-2010-3062; Does not affect Lenny; unimportant, mysqlnd not used in squeeze/sid
057: CVE-2010-3062; Does not affect Lenny; unimportant, mysqlnd not used in squeeze/sid
058: CVE-2010-3063; Does not affect Lenny; unimportant, mysqlnd not used in squeeze/sid
059: CVE-2010-3064; Does not affect Lenny; unimportant, mysqlnd not used in squeeze/sid
060: CVE-2010-3065; Should be fixed in Lenny and unstable; low importance