[Secure-testing-commits] r6441 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Thu Aug 30 14:50:14 UTC 2007


Author: nion
Date: 2007-08-30 14:50:14 +0000 (Thu, 30 Aug 2007)
New Revision: 6441

Modified:
   data/CVE/list
Log:
CVE-2007-3204 and CVE-2007-3192 of jffnms fixed in 0.8.3dfsg.1-4


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-08-30 14:36:27 UTC (rev 6440)
+++ data/CVE/list	2007-08-30 14:50:14 UTC (rev 6441)
@@ -3122,7 +3122,9 @@
 	- php5 <unfixed> (unimportant)
 	NOTE: That's by design
 CVE-2007-3204 (SQL injection vulnerability in auth.php in Just For Fun Network ...)
-	- jffnms <unfixed> (high)
+	- jffnms 0.8.3dfsg.1-4 (high)
+	NOTE: 20_security.dpatch is addressing this bug however the maintainer didn't include
+	NOTE: a note about the CVE id.
 	NOTE: the fix for CVE-2007-3190 is incomplete (the 'pass' param can still contain an injection)
 CVE-2007-3203 (Stack-based buffer overflow in smtpdll.dll in the SMTP service in ...)
 	NOT-FOR-US: 602Pro LAN SUITE
@@ -3147,7 +3149,9 @@
 CVE-2007-3193 (lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the ...)
 	- phpwiki <unfixed> (low; bug #429201)
 CVE-2007-3192 (admin/setup.php in Just For Fun Network Management System (JFFNMS) ...)
-	- jffnms <unfixed> (medium)
+	- jffnms 0.8.3dfsg.1-4 (medium)
+	NOTE: 20_security.dpatch is addressing this bug however the maintainer didn't include
+	NOTE: a note about the CVE id.
 CVE-2007-3191 (Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote ...)
 	- jffnms 0.8.3dfsg.1-4
 CVE-2007-3190 (Multiple SQL injection vulnerabilities in auth.php in Just For Fun ...)




More information about the Secure-testing-commits mailing list