[Secure-testing-commits] r4237 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Thu Jun 15 20:24:25 UTC 2006
Author: alec-guest
Date: 2006-06-15 20:24:22 +0000 (Thu, 15 Jun 2006)
New Revision: 4237
Modified:
data/CVE/list
Log:
* CVE-2006-2945 (dokuwiki): bug number
* CVE-2006-2831 (drupal): confirmation from sesse@ that his NMU fixed this one
(not in changelog)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-06-15 18:17:18 UTC (rev 4236)
+++ data/CVE/list 2006-06-15 20:24:22 UTC (rev 4237)
@@ -130,7 +130,7 @@
CVE-2006-2946 (Dmx Forum 2.1a stores _includes/bd.inc under the web root with ...)
NOT-FOR-US: Dmx Forum
CVE-2006-2945 (Unspecified vulnerability the user profile change functionality in ...)
- - dokuwiki <unfixed> (bug filed; low)
+ - dokuwiki <unfixed> (bug #373689; low)
CVE-2006-2944 (Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier ...)
NOT-FOR-US: FORM2MAIL
CVE-2006-2943 (Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows ...)
@@ -363,10 +363,10 @@
CVE-2006-2832 (Cross-site scripting (XSS) vulnerability in the upload module ...)
- drupal 4.5.8-1.1 (medium)
CVE-2006-2831 (Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under ...)
- - drupal <unfixed> (high)
- NOTE: This CVE references the same Drupal security advisory as CVE-2006-2832;
- NOTE: I believe it is fixed in 4.5.8-1.1, but I don't grok PHP. Mailed sesse@
- NOTE: for confirmation.
+ NOTE: Although not in the changelog, sesse@ (responsible for 4.5.8-1.1)
+ NOTE: says he pulled in the entire patch for DRUPAL-SA-2006-007, which
+ NOTE: fixes CVE-2006-2831.
+ - drupal 4.5.8-1.1 (medium)
CVE-2006-2830 (Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent ...)
NOT-FOR-US: TIBCO
CVE-2006-2829 (Buffer overflow in Hawk Monitoring Agent (HMA) for TIBCO Hawk before ...)
More information about the Secure-testing-commits
mailing list