[Secure-testing-commits] r2847 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Wed Nov 23 22:30:28 UTC 2005


Author: jmm-guest
Date: 2005-11-23 22:30:25 +0000 (Wed, 23 Nov 2005)
New Revision: 2847

Modified:
   data/CVE/list
Log:
phpgroupware fixed
added a note on gadu (see embedded-code-copies)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-11-23 21:14:19 UTC (rev 2846)
+++ data/CVE/list	2005-11-23 22:30:25 UTC (rev 2847)
@@ -1342,8 +1342,10 @@
 	TODO: Check, when this was fixed in gnutls12
 CVE-2004-2530 (Visual truncation vulnerability in Gadu-Gadu allows remote attackers ...)
 	NOT-FOR-US: Gadu-Gadu
+	TODO: Check, whether vulnerable code is shared with ekg
 CVE-2004-2529 (Gadu-Gadu allows remote attackers to bypass the "image send" option by ...)
-	TODO: check
+	NOT-FOR-US: Gadu-Gadu
+	TODO: Check, whether vulnerable code is shared with ekg
 CVE-2004-2528 (Cross-site scripting (XSS) vulnerability in sresult.exe in Webcam ...)
 	NOT-FOR-US: Webcam Watchdog
 CVE-2004-2527 (The local and remote desktop login screens in Microsoft Windows XP ...)
@@ -2758,7 +2760,7 @@
 CVE-2005-2782 (PHP remote file inclusion vulnerability in al_initialize.php for ...)
 	NOT-FOR-US: AutoLinks Pro
 CVE-2005-2781 (The Avatar upload feature in FUD Forum before 2.7.0 does not properly ...)
-	- phpgroupware <unfixed> (bug #340094; medium)
+	- phpgroupware 0.9.16.009-1 (bug #340094; medium)
 	- egroupware <unfixed> (bug #340495; medium)
 CVE-2005-2780 (Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) ...)
 	NOT-FOR-US: Land Down Under




More information about the Secure-testing-commits mailing list