[Secure-testing-commits] r7087 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Wed Oct 24 14:13:25 UTC 2007


Author: white
Date: 2007-10-24 14:13:24 +0000 (Wed, 24 Oct 2007)
New Revision: 7087

Modified:
   data/CVE/list
Log:
Weblinks is not included in the drupal packages, thus drupal not affected

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-10-24 11:37:53 UTC (rev 7086)
+++ data/CVE/list	2007-10-24 14:13:24 UTC (rev 7087)
@@ -114,8 +114,9 @@
 CVE-2007-5599 (Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow ...)
 	NOT-FOR-US: awrate
 CVE-2007-5598 (Cross-site scripting (XSS) vulnerability in Weblinks for Drupal 4.7.x ...)
-	- drupal5 <unfixed> (low; bug #447748)
-	- drupal <unfixed> (low; bug #447746)
+	- drupal5 <not-affected> (bug #447748)
+	- drupal <not-affected> (bug #447746)
+	NOTE: drupal weblinks is not included in the drupal package in debian
 CVE-2007-5597 (The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 ...)
 	- drupal5 5.3-1
 	- drupal 4.7.8-1




More information about the Secure-testing-commits mailing list