[Secure-testing-commits] r5399 - data/CVE
Stefan Fritsch
stef-guest at alioth.debian.org
Thu Feb 1 22:11:49 CET 2007
Author: stef-guest
Date: 2007-02-01 22:11:47 +0100 (Thu, 01 Feb 2007)
New Revision: 5399
Modified:
data/CVE/list
Log:
- new libx11 issue fixed
- new kaya issue fixed
- drupal fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-02-01 20:21:40 UTC (rev 5398)
+++ data/CVE/list 2007-02-01 21:11:47 UTC (rev 5399)
@@ -1,3 +1,8 @@
+CVE-2007-XXXX [kaya buffer overflow, cross-site scripting and data leak]
+ - kaya 0.2.0-6 (bug #409062)
+CVE-2007-XXXX [file descriptor leak when a Compose file uses the "include" directive]
+ - libx11 2:1.0.3-5 (low)
+ NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=9279
CVE-2007-0633 (PHP remote file inclusion vulnerability in ...)
NOT-FOR-US: MyNews
CVE-2007-0632 (SQL injection vulnerability in artreplydelete.asp in ASP EDGE 1.3a and ...)
@@ -13,7 +18,7 @@
CVE-2007-0627 (Michael Still gtalkbot before 1.2 places username and password ...)
NOT-FOR-US: gtalkbot
CVE-2007-0626 (The comment_form_add_preview function in comment.module in Drupal ...)
- TODO: check
+ - drupal 4.7.6-1
CVE-2007-0625 (nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not ...)
NOT-FOR-US: NoMachine NX Server
CVE-2007-0624 (user.php in MAXdev MDPro 1.0.76 allows remote attackers to obtain the ...)
More information about the Secure-testing-commits
mailing list