[Secure-testing-commits] r8197 - data/CVE
thijs at alioth.debian.org
thijs at alioth.debian.org
Thu Feb 21 23:45:08 UTC 2008
Author: thijs
Date: 2008-02-21 23:45:07 +0000 (Thu, 21 Feb 2008)
New Revision: 8197
Modified:
data/CVE/list
Log:
webcalendar bug, mailman fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-02-21 22:07:56 UTC (rev 8196)
+++ data/CVE/list 2008-02-21 23:45:07 UTC (rev 8197)
@@ -658,7 +658,7 @@
- openldap2.2 <removed>
- openldap2 <not-affected> (slapd not built)
CVE-2007-6696 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar ...)
- - webcalendar <unfixed>
+ - webcalendar <unfixed> (bug #466935)
CVE-2007-6695 (Cross-site scripting (XSS) vulnerability in index.php in Drake CMS ...)
NOT-FOR-US: Drake CMS
CVE-2008-0664 (The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, ...)
@@ -674,7 +674,7 @@
CVE-2008-0554 (Buffer overflow in the readImageData function in giftopnm.c in netpbm ...)
- netpbm-free 10.0-11.1 (medium; bug #464056)
CVE-2008-0564 (Multiple cross-site scripting (XSS) vulnerabilities in Mailman before ...)
- - mailman <unfixed> (low)
+ - mailman 1:2.1.10~b3-1 (low)
[etch] - mailman <no-dsa> (Minor issue)
[sarge] - mailman <no-dsa> (Minor issue)
NOTE: Someone authenticated as list admin can insert malicious script
More information about the Secure-testing-commits
mailing list