[Secure-testing-commits] r2761 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Nov 16 17:33:20 UTC 2005
Author: jmm-guest
Date: 2005-11-16 17:33:13 +0000 (Wed, 16 Nov 2005)
New Revision: 2761
Modified:
data/CVE/list
Log:
phpsysinfo fixed, older fix should be double-checked
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-11-16 13:55:28 UTC (rev 2760)
+++ data/CVE/list 2005-11-16 17:33:13 UTC (rev 2761)
@@ -334,13 +334,13 @@
CVE-2005-3348 [phpsysinfo http response splitting]
RESERVED
{DSA-897-1}
- - phpsysinfo <unfixed> (bug #339079)
+ - phpsysinfo 2.3-7 (bug #339079)
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2
CVE-2005-3347 [phpsysinfo file inclusion issue]
RESERVED
{DSA-897-1}
- - phpsysinfo <unfixed> (bug #339079)
+ - phpsysinfo 2.3-7 (bug #339079)
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2
CVE-2005-3346 [osh: Local root exploit due to incorrect env var handling]
@@ -9412,6 +9412,7 @@
NOT-FOR-US: Topic Calendar phpbb2 plugin
CVE-2005-0870 (Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, ...)
{DSA-897-1 DSA-724-1}
+ TODO: Double-check, according to 2.3-7 changelog only fixed in -7?
- phpsysinfo 2.3-3
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2
More information about the Secure-testing-commits
mailing list