[Secure-testing-commits] r442 - sarge-checks/CAN
SALVETTI Djoumé
djoume-guest@costa.debian.org
Fri, 18 Feb 2005 13:28:24 +0100
Author: djoume-guest
Date: 2005-02-18 13:28:21 +0100 (Fri, 18 Feb 2005)
New Revision: 442
Modified:
sarge-checks/CAN/list
Log:
* update phpmyadmin
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-02-18 11:32:09 UTC (rev 441)
+++ sarge-checks/CAN/list 2005-02-18 12:28:21 UTC (rev 442)
@@ -7,7 +7,9 @@
CAN-2005-0460 (index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to ...)
NOTE: not-for-us (MercuryBoard)
CAN-2005-0459 (phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote ...)
- NOTE: not sure if this is really a security issue, I have mailed maintainer.
+ NOTE: From maintainer Piotr Roszatycki <Piotr_Roszatycki@netia.net.pl> :
+ NOTE: I think it is not a problem on Debian as far as everybody knows the full
+ NOTE: path of phpMyAdmin is /usr/share/phpmyadmin.
CAN-2005-0458 (Cross-site scripting (XSS) vulnerability in contact_us.php in ...)
NOTE: not-for-us (oscommerce)
CAN-2005-0457 (Opera 7.54 and earlier on Gentoo Linux uses an insecure path for ...)