[Secure-testing-commits] r4182 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Tue Jun 13 00:03:44 UTC 2006
Author: alec-guest
Date: 2006-06-13 00:03:41 +0000 (Tue, 13 Jun 2006)
New Revision: 4182
Modified:
data/CVE/list
Log:
* Two knowledgetree vulns (low)
* Debian doesn't ship affected pyblosxom plugins
* DokuWiki vulnerability (high) is pending
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-06-12 20:56:20 UTC (rev 4181)
+++ data/CVE/list 2006-06-13 00:03:41 UTC (rev 4182)
@@ -90,9 +90,9 @@
CVE-2006-2887 (Multiple SQL injection vulnerabilities in myNewsletter 1.1.2 and ...)
TODO: check
CVE-2006-2886 (view.php in KnowledgeTree Open Source 3.0.3 and earlier allows remote ...)
- TODO: check
+ - knowledgetree <unfixed> (bug filed; low)
CVE-2006-2885 (Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree ...)
- TODO: check
+ - knowledgetree <unfixed> (bug filed; low)
CVE-2006-2884 (SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows ...)
TODO: check
CVE-2006-2883 (Cross-site scripting (XSS) vulnerability in search.php in Kmita FAQ ...)
@@ -102,11 +102,11 @@
CVE-2006-2881 (Multiple PHP remote file inclusion vulnerabilities in DreamAccount 3.1 ...)
TODO: check
CVE-2006-2880 (Cross-site scripting (XSS) vulnerability in the Contributed Packages ...)
- TODO: check
+ NOT-FOR-US: pyblosxom package doesn't ship plugins
CVE-2006-2879 (SQL injection vulnerability in newscomments.php in Alex News-Engine ...)
TODO: check
CVE-2006-2878 (The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and earlier ...)
- TODO: check
+ - dokuwiki <unfixed> (bug #370369; high)
CVE-2006-2877 (PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and ...)
TODO: check
CVE-2006-2876 (Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish ...)
More information about the Secure-testing-commits
mailing list