[Secure-testing-commits] r6189 - data/CVE

[stef-guest at alioth.debian.org]

Author: stef-guest
Date: 2007-07-29 10:23:01 +0000 (Sun, 29 Jul 2007)
New Revision: 6189

Modified:
   data/CVE/list
Log:
drupal issues fixed

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-07-27 14:08:31 UTC (rev 6188)
+++ data/CVE/list	2007-07-29 10:23:01 UTC (rev 6189)
@@ -1,3 +1,10 @@
+CVE-2007-XXXX [Drupal CSRF]
+	- drupal5 5.2-1 (low)
+	NOTE: DRUPAL-SA-2007-017
+CVE-2007-XXXX [Drupal multiple XSS]
+	- drupal 4.7.7-1 (low)
+	- drupal5 5.2-1 (low)
+	NOTE: DRUPAL-SA-2007-018
 CVE-2007-4029 (libvorbis 1.1.2, and possibly other versions before 1.2.0, allows ...)
 	TODO: check
 CVE-2007-4028 (Absolute path traversal vulnerability in index.php in Webspell 4.01.02 ...)