[Secure-testing-commits] r10712 - data/CVE

[atomo64-guest at alioth.debian.org]

Author: atomo64-guest
Date: 2008-12-17 02:36:22 +0000 (Wed, 17 Dec 2008)
New Revision: 10712

Modified:
   data/CVE/list
Log:
NFUs, some issues CVEified


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-16 21:14:09 UTC (rev 10711)
+++ data/CVE/list	2008-12-17 02:36:22 UTC (rev 10712)
@@ -289,7 +289,7 @@
 	- axel <unfixed> (low)
 	[etch] - axel <no-dsa> (Minor issue)
 	NOTE: http://alioth.debian.org/forum/forum.php?forum_id=2846
-CVE-2008-XXXX [roundcube remote code execution via preg_replace in html2text.php]
+CVE-2008-5619 [roundcube remote code execution via preg_replace in html2text.php]
 	- roundcube 0.1.1-9 (high; bug #508628)
 	NOTE: According to the bug report, this is being exploited.
 	[sid] - moodle <unfixed> (bug #508909)
@@ -548,7 +548,7 @@
 	TODO: check
 CVE-2008-5361 (The ActionScript 2 virtual machine in Adobe Flash Player 10.x before ...)
 	TODO: check
-CVE-2008-XXXX [phpMyAdmin PMASA-2008-10 SQL injection]
+CVE-2008-5621 [phpMyAdmin PMASA-2008-10 SQL injection]
 	- phpmyadmin 4:2.11.8.1-5
 CVE-2008-XXXX [RSyslog "AllowedSender" Security Bypass Vulnerability]
 	- rsyslog 3.18.6-1 (bug #508027)
@@ -3426,6 +3426,7 @@
 	RESERVED
 CVE-2008-4122
 	RESERVED
+	NOT-FOR-US: Joomla
 CVE-2008-4121 (Multiple cross-site scripting (XSS) vulnerabilities in cpCommerce ...)
 	NOT-FOR-US: cpCommerce
 CVE-2008-4120 (Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.804 ...)
@@ -10761,6 +10762,7 @@
 	NOT-FOR-US: Sun Solaris
 CVE-2008-1094
 	RESERVED
+	NOT-FOR-US: Barracuda Spam Firewall
 CVE-2008-1093 (Acresso InstallShield Update Agent does not properly verify the ...)
 	NOT-FOR-US: FLEXnet Connect 
 CVE-2008-1092 (Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet ...)
@@ -11035,6 +11037,7 @@
 	RESERVED
 CVE-2008-0971
 	RESERVED
+	NOT-FOR-US: Barracuda Networks products
 CVE-2008-0970
 	RESERVED
 CVE-2008-0969