[Secure-testing-commits] r4164 - data/CVE

Thu Jun 8 11:33:52 UTC 2006

Author: jmm-guest
Date: 2006-06-08 11:33:47 +0000 (Thu, 08 Jun 2006)
New Revision: 4164

Modified:
   data/CVE/list
Log:
mysql confirmed only >= 4.1 vulnerable to SQL injection


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-06-08 09:38:29 UTC (rev 4163)
+++ data/CVE/list	2006-06-08 11:33:47 UTC (rev 4164)
@@ -610,8 +610,8 @@
 	- drupal <unfixed> (bug #368835; medium)
 	NOTE: Micah requested CVE, June 6, 2006
 CVE-2006-2753 (SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x ...)
-	- mysql-dfsg <removed> (bug #369741; bug #356751; medium)
-	- mysql <unfixed> (bug #369754; medium)
+	- mysql-dfsg <not-affected> (Vulnerable code was introduced in 4.1)
+	- mysql <not-affected> (Vulnerable code was introduced in 4.1)
 	- mysql-dfsg-5.0 5.0.22-1 (bug #369735; medium)
 	- mysql-dfsg-4.1 <unfixed> (medium)
 CVE-2006-2659 (libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause ...)


