[Secure-testing-commits] r4615 - data/CVE
Sean Finney
seanius at costa.debian.org
Wed Aug 23 19:11:25 UTC 2006
Author: seanius
Date: 2006-08-23 19:11:20 +0000 (Wed, 23 Aug 2006)
New Revision: 4615
Modified:
data/CVE/list
Log:
notes on CVE-2006-2106
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-08-23 17:29:54 UTC (rev 4614)
+++ data/CVE/list 2006-08-23 19:11:20 UTC (rev 4615)
@@ -4900,6 +4900,11 @@
CVE-2006-2106 (Cross-site scripting (XSS) vulnerability in Edgewall Software Trac ...)
- trac 0.9.5-1 (medium)
[sarge] - trac <unfixed> (medium)
+ NOTE: http://trac.edgewall.org/changeset/3201
+ NOTE: http://trac.edgewall.org/changeset/3287
+ NOTE: the second reference fixes a regression in the first. i *believe*
+ NOTE: that these correctly solve the problem, though we really ought
+ NOTE: to run this by upstream or the reporter.
CVE-2006-2105 (Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 ...)
NOT-FOR-US: Jupiter
CVE-2006-2104 (Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email ...)
More information about the Secure-testing-commits
mailing list