author: Salvatore Bonaccorso <carnil@debian.org> 2017-01-13 13:29:07 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-01-13 13:29:07 +0000
commit: 451b3fe2b5f71947ab11c3b363354b946121525d
tree: 55420dc820ec73488040bfaf06c4b6d0fd7f3b92 /data/CVE/2007.list
parent: 4a4b06017bb51222fdfccb5c2356ee9539e4f1a0
php5 removed from unstable
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@47974 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/CVE/2007.list')
-rw-r--r-- data/CVE/2007.list 28
1 files changed, 14 insertions, 14 deletions
diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index 888180cac3..8a5f4d4938 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -3156,7 +3156,7 @@ CVE-2007-5425 (SQL injection vulnerability in admin/index.php in Interspire Acti
NOT-FOR-US: ActiveKB NX
CVE-2007-5424 (The disable_functions feature in PHP 4 and 5 allows attackers to ...)
- php4 <removed> (unimportant)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
NOTE: if the function is blacklisted but not its alias it is a configuration
NOTE: issue of the site not a vulnerability in php
CVE-2007-5423 (tiki-graph_formula.php in TikiWiki 1.9.8 allows remote attackers to ...)
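Review bot: the commit message "php5 removed from unstable" explains why the php5 line under CVE-2007-5424 changes state, but not that the same `<unfixed>` to `<removed>` substitution is repeated across all 14 changed lines of this file. Say in the message that the change is a mechanical state replacement for php5 only, so a reader can confirm that no severity tag or NOTE line was meant to change. After this hunk both package lines in the entry (php4 and php5) read `<removed>`, which leaves the two NOTE lines as the only record of why the issue was never fixed; they are worth keeping as they are.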
@@ -4465,7 +4465,7 @@ CVE-2007-4891 (A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier
CVE-2007-4890 (Absolute directory traversal vulnerability in a certain ActiveX ...)
NOT-FOR-US: Microsoft Visual Studio
CVE-2007-4889 (The MySQL extension in PHP 5.2.4 and earlier allows remote attackers ...)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
NOTE: basedir and safemode not supported
CVE-2007-4888 (The &quot;You are not allowed...&quot; error handler in XWiki 1.0 B1 and 1.0 B2 ...)
NOT-FOR-US: Xwiki
@@ -5177,7 +5177,7 @@ CVE-2007-4598 (IBM SurePOS 500 has (1) a default password of &quot;12345&quot; f
CVE-2007-4597 (SQL injection vulnerability in index.php in TurnkeyWebTools SunShop ...)
NOT-FOR-US: SunShop Shopping Cart
CVE-2007-4596 (The perl extension in PHP does not follow safe_mode restrictions, ...)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
NOTE: Safe mode violations not treated as vulnerabilities
CVE-2007-4595 (Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.12 allows ...)
NOT-FOR-US: Mayaa
@@ -5975,7 +5975,7 @@ CVE-2007-4257 (Multiple buffer overflows in Live for Speed (LFS) S1 and S2 allow
CVE-2007-4256 (Directory traversal vulnerability in showpage.cgi in YNP Portal System ...)
NOT-FOR-US: YNP Portal System
CVE-2007-4255 (Buffer overflow in the mSQL extension in PHP 5.2.3 allows ...)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
- php4 <removed> (unimportant)
NOTE: Only exploitable by malicious script
CVE-2007-4254 (Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL ...)
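Review bot: package-line order under CVE-2007-4255 is php5 first and php4 second, the reverse of the php4-then-php5 order used under CVE-2007-5424, CVE-2007-1890, CVE-2007-1883 and most other entries in this diff (CVE-2007-1582 has the same reversed order). It does not change how the entry reads, but a consistent order makes bulk edits like this one easier to check by eye. Consider normalising the order in a separate follow-up commit rather than here, so this change stays a pure state replacement.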
@@ -8241,7 +8241,7 @@ CVE-2007-3296 (The ThunderServer.webThunder.1 ActiveX control in xunlei Web ...)
CVE-2007-3295 (Directory traversal vulnerability in Yet another Bulletin Board (YaBB) ...)
NOT-FOR-US: YaBB
CVE-2007-3294 (Multiple buffer overflows in libtidy, as used in the Tidy extension ...)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
NOTE: Only exploitable by malicious script
CVE-2007-3293 (SQL injection vulnerability in categoria.php in LiveCMS 3.4 and ...)
NOT-FOR-US: LiveCMS
@@ -8453,7 +8453,7 @@ CVE-2007-3206
RESERVED
CVE-2007-3205 (The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Subhosin, ...)
- php4 <removed> (unimportant)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
NOTE: That's by design
CVE-2007-3204 (SQL injection vulnerability in auth.php in Just For Fun Network ...)
NOTE: This is an jffnms ID, which has been wrongly reported by an external party,
@@ -11550,7 +11550,7 @@ CVE-2007-1891 (Stack-based buffer overflow in the GetPrivateProfileSectionW func
NOT-FOR-US: Akamai
CVE-2007-1890 (Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and ...)
- php4 <removed> (unimportant)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
NOTE: local code execution only, possibly only on FreeBSD
CVE-2007-1889 (Integer signedness error in the _zend_mm_alloc_int function in the ...)
{DSA-1283-1 DTSA-39-1}
@@ -11573,7 +11573,7 @@ CVE-2007-1884 (Multiple integer signedness errors in the printf function family
NOTE: Dupe of CVE-2007-0909; Fixed in DSA-1264, php5 5.2.0-9, php4 6:4.4.4-9
CVE-2007-1883 (PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows ...)
- php4 <removed> (unimportant)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
NOTE: Only triggerable by malicious script
CVE-2007-1882 (qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury ...)
NOT-FOR-US: HP Mercury Quality Center
@@ -11693,7 +11693,7 @@ CVE-2007-1836 (The command line administration interface in Data Domain OS befor
NOT-FOR-US: Data Domain OS
CVE-2007-1835 (PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session ...)
- php4 <removed> (unimportant)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
NOTE: open_basedir bypasses not supported
CVE-2007-1834 (Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco ...)
NOT-FOR-US: Cisco
@@ -11984,7 +11984,7 @@ CVE-2007-1711 (Double free vulnerability in the unserializer in PHP 4.4.5 and 4.
NOTE: register_globals not supported
CVE-2007-1710 (The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows ...)
- php4 <removed> (unimportant)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
NOTE: Safe mode violations not supported, insufficient measure
CVE-2007-1709 (Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC ...)
NOT-FOR-US: PECL phpDOC
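Review bot: the NOTE kept under CVE-2007-1710, "Safe mode violations not supported, insufficient measure", states the same policy as the NOTE under CVE-2007-4596, "Safe mode violations not treated as vulnerabilities", in different words, and CVE-2007-4889 uses a third form, "basedir and safemode not supported". With php5 now `<removed>` in all three entries, the NOTE is the only remaining explanation of the triage decision, so one consistent wording would make these entries easier to find and compare. That belongs in a separate commit from this mechanical state change.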
@@ -12292,11 +12292,11 @@ CVE-2007-1583 (The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 th
- php5 5.2.0-11 (medium)
- php4 <removed> (medium)
CVE-2007-1582 (The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 ...)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
- php4 <removed> (unimportant)
NOTE: Only triggerable by malicious script
CVE-2007-1581 (The resource system in PHP 5.0.0 through 5.2.1 allows ...)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
NOTE: Only triggerable by malicious script
CVE-2007-1580 (FTPDMIN 0.96 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: FTPDMIN
@@ -12698,7 +12698,7 @@ CVE-2007-1414 (Multiple PHP remote file inclusion vulnerabilities in Coppermine
NOT-FOR-US: Coppermine Photo Gallery
CVE-2007-1413 (Buffer overflow in the snmpget function in the snmp extension in PHP ...)
- php4 <removed> (unimportant)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
NOTE: Only triggerable by malicious script
CVE-2007-1412 (The cpdf_open function in the ClibPDF (cpdf) extension in PHP 4.4.6 ...)
- php4 <not-affected> (cpdf extension not enabled in binary build)
@@ -14994,7 +14994,7 @@ CVE-2007-0450 (Directory traversal vulnerability in Apache HTTP Server and Tomca
CVE-2007-0449 (Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve ...)
NOT-FOR-US: CA BrightStor
CVE-2007-0448 (The fopen function in PHP 5.2.0 does not properly handle invalid URI ...)
- - php5 <unfixed> (unimportant)
+ - php5 <removed> (unimportant)
NOTE: open_basedir bypasses not supported
CVE-2007-0447 (Heap-based buffer overflow in the Decomposer component in multiple ...)
NOT-FOR-US: Symantec
