[Secure-testing-commits] r5220 - data/CVE
Stefan Fritsch
stef-guest at alioth.debian.org
Sun Jan 7 19:45:34 CET 2007
Author: stef-guest
Date: 2007-01-07 19:45:32 +0100 (Sun, 07 Jan 2007)
New Revision: 5220
Modified:
data/CVE/list
Log:
marking phpmyadmin not-affected instead of unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-01-07 18:38:58 UTC (rev 5219)
+++ data/CVE/list 2007-01-07 18:45:32 UTC (rev 5220)
@@ -1242,7 +1242,7 @@
CVE-2006-6375 (Cross-site scripting (XSS) vulnerability in display.php in Simple ...)
NOT-FOR-US: Simple machines Forum
CVE-2006-6374 (Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow ...)
- - phpmyadmin <unfixed> (unimportant; bug #404744)
+ - phpmyadmin <not-affected> (low; bug #404744)
[sarge] - phpmyadmin <no-dsa> (CRLF not backportable to Sarge)
[etch] - phpmyadmin <not-affected> (not exploitable with Etch's php versions)
NOTE: not exploitable with PHP 5.1.2+ and 4.4.2+
More information about the Secure-testing-commits
mailing list