[Secure-testing-commits] r3450 - data/CVE
Micah Anderson
micah at costa.debian.org
Thu Feb 9 18:04:16 UTC 2006
Author: micah
Date: 2006-02-09 18:04:10 +0000 (Thu, 09 Feb 2006)
New Revision: 3450
Modified:
data/CVE/list
Log:
CVE ids obtained for SPIP issues, one already existed but we had marked as NOT-FOR-US for some reason
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-02-09 16:20:20 UTC (rev 3449)
+++ data/CVE/list 2006-02-09 18:04:10 UTC (rev 3450)
@@ -175,15 +175,12 @@
- spip <unfixed> (medium; bug #351335)
CVE-2006-0517 (Multiple SQL injection vulnerabilities in ...)
- spip <unfixed> (medium; bug #351334)
-CVE-2006-XXXX (Input validation vulnerability in SPIP Spip_RSS.PHP)
+CVE-2006-0625 (Input validation vulnerability in SPIP Spip_RSS.PHP)
- spip <unfixed> (medium; bug #352076)
NOTE: http://www.securityfocus.com/bid/16556
-CVE-2006-XXXX (SQL injection vulnerability in SPIP Spip_acces_doc.PHP)
+CVE-2006-0626 (SQL injection vulnerability in SPIP Spip_acces_doc.PHP)
- spip <unfixed> (medium; bug #352077)
NOTE: http://www.securityfocus.com/bid/16551
-CVE-2006-XXXX (XSS in SPIP spip_login.php3 and spip_pass.php3)
- - spip <unfixed> (medium; bug #352078)
- NOTE: http://pridels.blogspot.com/2005/12/spip-xss-vuln.html
CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris 10 64 ...)
NOT-FOR-US: Solaris
CVE-2006-0515
@@ -1706,7 +1703,7 @@
CVE-2005-4495 (** DISPUTED ** ...)
NOT-FOR-US: SpireMedia
CVE-2005-4494 (Cross-site scripting (XSS) vulnerability in SPIP 1.8.2 and earlier ...)
- NOT-FOR-US: SPIP
+ - spip <unfixed> (medium; bug #352078)
CVE-2005-4493 (Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier ...)
NOT-FOR-US: SpearTek
CVE-2005-4492 (Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 ...)
More information about the Secure-testing-commits
mailing list