[Secure-testing-commits] r5807 - data/CVE
Florian Weimer
fw at alioth.debian.org
Tue May 8 18:04:58 UTC 2007
Author: fw
Date: 2007-05-08 18:04:52 +0000 (Tue, 08 May 2007)
New Revision: 5807
Modified:
data/CVE/list
Log:
CVE-2007-1395: phpmyadmin fixed
CVE-2007-1325: phpmyadmin <no-dsa> (PHP issue)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-05-07 21:14:47 UTC (rev 5806)
+++ data/CVE/list 2007-05-08 18:04:52 UTC (rev 5807)
@@ -2460,7 +2460,7 @@
- php5 <unfixed> (unimportant)
NOTE: Non-issue
CVE-2007-1395 (Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 ...)
- - phpmyadmin <unfixed> (medium)
+ - phpmyadmin 4:2.10.0.2-1 (medium)
CVE-2007-1394 (Direct static code injection vulnerability in startsession.php in Flat ...)
NOT-FOR-US: Flat Chat
CVE-2007-1393 (PHP remote file inclusion vulnerability in mysave.php in Magic CMS ...)
@@ -2620,6 +2620,8 @@
NOTE: http://blog.s9y.org/archives/164-Serendipity-1.1.2-released.html
CVE-2007-1325 (The PMA_ArrayWalkRecursive function in libraries/common.lib.php in ...)
- phpmyadmin 4:2.10.0.2-1
+ [sarge] - phpmyadmin <no-dsa> (workaround for PHP issue)
+ [etch] - phpmyadmin <no-dsa> (workaround for PHP issue)
CVE-2007-1324 (SnapGear 560, 585, 580, 640, 710, and 720 appliances before the ...)
NOT-FOR-US: SnapGear
CVE-2007-1323
More information about the Secure-testing-commits
mailing list