[Secure-testing-commits] r8001 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Mon Jan 21 18:49:09 UTC 2008
Author: jmm-guest
Date: 2008-01-21 18:49:09 +0000 (Mon, 21 Jan 2008)
New Revision: 8001
Modified:
data/CVE/list
Log:
gforge fix was incomplete, updated packages are in preparation.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-01-21 18:26:50 UTC (rev 8000)
+++ data/CVE/list 2008-01-21 18:49:09 UTC (rev 8001)
@@ -17772,7 +17772,8 @@
- mediawiki 1.7.1-6 (bug #406238; medium)
NOTE: vendor advisory: http://sourceforge.net/forum/forum.php?forum_id=652721
CVE-2007-0176 (Cross-site scripting (XSS) vulnerability in search/advanced_search.php ...)
- - gforge 4.5.14-20 (low; bug #406244)
+ - gforge <unfixed> (low; bug #406244)
+ NOTE: 4.5.14-20 only fixed one of the two issues (advanced search)
[sarge] - gforge <not-affected> (Vulnerable code not present)
CVE-2007-0175 (Cross-site scripting (XSS) vulnerability in htsrv/login.php in ...)
- b2evolution 0.9.2-4 (bug #410568; low)
More information about the Secure-testing-commits
mailing list