[Secure-testing-commits] r6019 - data/CVE
fw at alioth.debian.org
fw at alioth.debian.org
Sat Jun 16 14:04:26 UTC 2007
Author: fw
Date: 2007-06-16 14:04:25 +0000 (Sat, 16 Jun 2007)
New Revision: 6019
Modified:
data/CVE/list
Log:
CVE-2007-2681: b2evolution non-issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-06-16 13:30:52 UTC (rev 6018)
+++ data/CVE/list 2007-06-16 14:04:25 UTC (rev 6019)
@@ -1255,7 +1255,10 @@
CVE-2007-2682 (The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as ...)
NOT-FOR-US: Adobe
CVE-2007-2681 (Directory traversal vulnerability in blogs/index.php in b2evolution ...)
- TODO: check
+ - b2evolution <unfixed> (unimportant)
+ NOTE: This is a register_globals=on issue.
+ NOTE: More than just blogs/index.php is affected (that file isn't
+ NOTE: installed by the Debian package).
CVE-2007-2680 (Cross-site scripting (XSS) vulnerability in the management interface ...)
NOT-FOR-US: Canon
CVE-2007-2679 (PHP file inclusion vulnerability in index.php in Ivan Peevski gallery ...)
More information about the Secure-testing-commits
mailing list