[Secure-testing-commits] r4065 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Tue May 23 23:49:17 UTC 2006
Author: alec-guest
Date: 2006-05-23 23:49:14 +0000 (Tue, 23 May 2006)
New Revision: 4065
Modified:
data/CVE/list
Log:
* xmcd (medium)
* need to check for packages (if any?) shipping FCKeditor
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-23 23:45:04 UTC (rev 4064)
+++ data/CVE/list 2006-05-23 23:49:14 UTC (rev 4065)
@@ -15,7 +15,8 @@
CVE-2006-2543 (Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors ...)
NOT-FOR-US: Xtreme Topsites
CVE-2006-2542 (xmcdconfig in Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb and ...)
- TODO: check
+ TODO: check sarge and woody
+ - xmcd <unfixed> (bug #366816; medium)
CVE-2006-2541 (SQL injection vulnerability in settings.asp in Zixforum 1.12 allows ...)
NOT-FOR-US: Zixforum
CVE-2006-2540 (Privacy leak in install.php for Diesel PHP Job Site sends sensitive ...)
@@ -41,7 +42,7 @@
CVE-2006-2530 (avatar_upload.asp in Avatar MOD 1.3 for Snitz Forums 3.4, and possibly ...)
NOT-FOR-US: Snitz mod
CVE-2006-2529 (editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, ...)
- TODO: check
+ TODO: check packages that include FCKeditor (if any?)
CVE-2006-2528 (PHP remote file inclusion vulnerability in classified_right.php in ...)
NOT-FOR-US: phpBazar
CVE-2006-2527 (Admin/admin.php in phpBazar 2.1.0 and earlier allows remote attackers ...)
More information about the Secure-testing-commits
mailing list