[Secure-testing-commits] r6441 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Thu Aug 30 14:50:14 UTC 2007
Author: nion
Date: 2007-08-30 14:50:14 +0000 (Thu, 30 Aug 2007)
New Revision: 6441
Modified:
data/CVE/list
Log:
CVE-2007-3204 and CVE-2007-3192 of jffnms fixed in 0.8.3dfsg.1-4
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-30 14:36:27 UTC (rev 6440)
+++ data/CVE/list 2007-08-30 14:50:14 UTC (rev 6441)
@@ -3122,7 +3122,9 @@
- php5 <unfixed> (unimportant)
NOTE: That's by design
CVE-2007-3204 (SQL injection vulnerability in auth.php in Just For Fun Network ...)
- - jffnms <unfixed> (high)
+ - jffnms 0.8.3dfsg.1-4 (high)
+ NOTE: 20_security.dpatch is addressing this bug however the maintainer didn't include
+ NOTE: a note about the CVE id.
NOTE: the fix for CVE-2007-3190 is incomplete (the 'pass' param can still contain an injection)
CVE-2007-3203 (Stack-based buffer overflow in smtpdll.dll in the SMTP service in ...)
NOT-FOR-US: 602Pro LAN SUITE
@@ -3147,7 +3149,9 @@
CVE-2007-3193 (lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the ...)
- phpwiki <unfixed> (low; bug #429201)
CVE-2007-3192 (admin/setup.php in Just For Fun Network Management System (JFFNMS) ...)
- - jffnms <unfixed> (medium)
+ - jffnms 0.8.3dfsg.1-4 (medium)
+ NOTE: 20_security.dpatch is addressing this bug however the maintainer didn't include
+ NOTE: a note about the CVE id.
CVE-2007-3191 (Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote ...)
- jffnms 0.8.3dfsg.1-4
CVE-2007-3190 (Multiple SQL injection vulnerabilities in auth.php in Just For Fun ...)
More information about the Secure-testing-commits
mailing list