[Secure-testing-commits] r6376 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Wed Aug 22 21:11:21 UTC 2007
Author: jmm-guest
Date: 2007-08-22 21:11:21 +0000 (Wed, 22 Aug 2007)
New Revision: 6376
Modified:
data/CVE/list
Log:
asterisk and drupal updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-22 19:23:45 UTC (rev 6375)
+++ data/CVE/list 2007-08-22 21:11:21 UTC (rev 6376)
@@ -777,9 +777,8 @@
NOT-FOR-US: WP-FeedStats plugin for WordPress
CVE-2007-4103 (The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before ...)
- asterisk 1:1.4.9~dfsg-1
+ [etch] - asterisk <not-affected> (Only 1.2.20, 1.2.21, 1.2.21.1 and 1.2.22 affected)
[sarge] - asterisk <not-affected> (1.0 not affected)
- NOTE: Etch status needs to be checked, according to http://ftp.digium.com/pub/asa/ASA-2007-018.html
- NOTE: 1.2.20, 1.2.21, 1.2.21.1, 1.2.22 are affected. 1.2.13 from Etch isn't mentioned
CVE-2007-4102 (Cross-site scripting (XSS) vulnerability in search.php for sBlog 0.7.3 ...)
NOT-FOR-US: sBlog
CVE-2007-4101 (Multiple PHP remote file inclusion vulnerabilities in Madoa Poll 1.1 ...)
@@ -859,7 +858,7 @@
CVE-2007-4064 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x ...)
- drupal 4.7.7-1 (low)
- drupal5 5.2-1 (low)
- NOTE: DRUPAL-SA-2007-018
+ [sarge] - drupal <not-affected> (Only Drupal 5.x is affected)
CVE-2007-4063 (Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal ...)
- drupal5 5.2-1 (low)
NOTE: DRUPAL-SA-2007-017
@@ -6586,6 +6585,7 @@
NOT-FOR-US: NFN Address Book
CVE-2007-1595 (The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk ...)
- asterisk 1:1.4.0~dfsg-1 (low)
+ [etch] - asterisk <not-affected> (Only affects 1.4.x)
CVE-2007-1593 (The administrative service in Symantec Veritas Volume Replicator (VVR) ...)
NOT-FOR-US: Symantec
CVE-2007-1592 (net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 ...)
More information about the Secure-testing-commits
mailing list