[Secure-testing-commits] r6433 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Wed Aug 29 19:49:33 UTC 2007
Author: stef-guest
Date: 2007-08-29 19:49:33 +0000 (Wed, 29 Aug 2007)
New Revision: 6433
Modified:
data/CVE/list
Log:
new bugzilla issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-29 19:39:53 UTC (rev 6432)
+++ data/CVE/list 2007-08-29 19:49:33 UTC (rev 6433)
@@ -75,7 +75,7 @@
CVE-2007-4544 (Cross-site scripting (XSS) vulnerability in wp-newblog.php in ...)
NOT-FOR-US: WordPress multi-user (MU)
CVE-2007-4543 (Cross-site scripting (XSS) vulnerability in enter_bug.cgi in Bugzilla ...)
- TODO: check
+ - bugzilla <unfixed> (bug #440106)
CVE-2007-4542 (Multiple cross-site scripting (XSS) vulnerabilities in MapServer ...)
TODO: check
CVE-2007-4541 (Multiple cross-site scripting (XSS) vulnerabilities in Olate Download ...)
@@ -83,9 +83,11 @@
CVE-2007-4540 (Multiple SQL injection vulnerabilities in download.php in Olate ...)
NOT-FOR-US: Olate Download
CVE-2007-4539 (The WebService (XML-RPC) interface in Bugzilla 2.23.3 through 3.0.0 ...)
- TODO: check
+ TODO: check again when new upstream is in unstable
+ NOTE: - bugzilla version in unstable (2.22.1) is too old to be affected
CVE-2007-4538 (email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers ...)
- TODO: check
+ TODO: check again when new upstream is in unstable
+ NOTE: - bugzilla version in unstable (2.22.1) is too old to be affected
CVE-2007-4537 (Heap-based buffer overflow in the Huffman decompression algorithm ...)
NOT-FOR-US: Skulltag
CVE-2007-4536 (TorrentTrader 1.07 and earlier sets insecure permissions for files in ...)
More information about the Secure-testing-commits
mailing list