[Secure-testing-commits] r3382 - in data: CVE DSA
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Fri Jan 27 10:49:48 UTC 2006
Author: jmm-guest
Date: 2006-01-27 10:49:41 +0000 (Fri, 27 Jan 2006)
New Revision: 3382
Modified:
data/CVE/list
data/DSA/list
Log:
drupal DSA
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-01-27 09:14:25 UTC (rev 3381)
+++ data/CVE/list 2006-01-27 10:49:41 UTC (rev 3382)
@@ -2354,13 +2354,10 @@
NOT-FOR-US: Multipke DuWare products
CVE-2005-3975 (Interpretation conflict in file.inc in Drupal 4.5.0 through 4.5.5 and ...)
- drupal 4.5.6-1 (bug #348811; medium)
- NOTE: Sarge is affected
CVE-2005-3974 (Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on ...)
- drupal 4.5.6-1 (low)
- [sarge] - drupal <not-affected> (Only vulnerable if running PHP 5)
CVE-2005-3973 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 4.5.0 ...)
- drupal 4.5.6-1 (bug #348811; medium)
- NOTE: Sarge is affected
CVE-2005-3972 (Cross-site scripting (XSS) vulnerability in extremesearch.php in ...)
NOT-FOR-US: Extreme Search Corporate Edition
CVE-2005-3971 (Cross-site scripting (XSS) vulnerability in the login form in Citrix ...)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2006-01-27 09:14:25 UTC (rev 3381)
+++ data/DSA/list 2006-01-27 10:49:41 UTC (rev 3382)
@@ -1,3 +1,7 @@
+[27 Jan 2006] DSA-958-1 drupal - several
+ {CVE-2005-3973 CVE-2005-3974 CVE-2005-3975}
+ [sarge] - drupal 4.5.3-5
+ NOTE: fixed in testing at time of DSA
[26 Jan 2006] DSA-957-1 imagemagick - missing shell meta sanitising
{CVE-2005-4601}
[woody] - imagemagick 4:5.4.4.5-1woody7
More information about the Secure-testing-commits
mailing list