[Secure-testing-commits] r5329 - data/CVE

[Moritz Muehlenhoff]

Author: jmm-guest
Date: 2007-01-23 19:19:45 +0100 (Tue, 23 Jan 2007)
New Revision: 5329

Modified:
   data/CVE/list
Log:
ed symlink issue fixed since 2000.
add note on wordpress 2.0.7 non-issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-01-23 17:59:16 UTC (rev 5328)
+++ data/CVE/list	2007-01-23 18:19:45 UTC (rev 5329)
@@ -1,3 +1,7 @@
+CVE-2007-XXXX [wordpress unregister_globals workaround from 2.0.7]
+	- wordpress 2.0.7 (bug #407116; unimportant)
+	NOTE: Non-issue, hash issue fixed since months in Sarge and Etch,
+	NOTE: register_globals unsupported anyway
 CVE-2007-0397 (The Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
 	NOT-FOR-US: Cisco
 CVE-2007-0396 (Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in ...)
@@ -423,7 +427,7 @@
 CVE-2007-0206 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
 	NOT-FOR-US: OpenView Network Node Manager
 CVE-2006-6939 (GNU ed before 0.3 allows local users to overwrite arbitrary files via ...)
-	TODO: check
+	- ed 0.2-19
 CVE-2006-6938 (Directory traversal vulnerability in includes/common.php in NitroTech ...)
 	TODO: check
 CVE-2006-6937 (SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo ...)