[Secure-testing-commits] r8032 - data/CVE

[nion at alioth.debian.org]

Author: nion
Date: 2008-01-25 12:54:01 +0000 (Fri, 25 Jan 2008)
New Revision: 8032

Modified:
   data/CVE/list
Log:
CVE-2007-0176 fixed in gforge 4.6.99+svn6347-1

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-01-25 09:14:11 UTC (rev 8031)
+++ data/CVE/list	2008-01-25 12:54:01 UTC (rev 8032)
@@ -17909,8 +17909,7 @@
 	- mediawiki 1.7.1-6 (bug #406238; medium)
 	NOTE: vendor advisory: http://sourceforge.net/forum/forum.php?forum_id=652721
 CVE-2007-0176 (Cross-site scripting (XSS) vulnerability in search/advanced_search.php ...)
-	- gforge <unfixed> (low; bug #406244)
-	NOTE: 4.5.14-20 only fixed one of the two issues (advanced search)
+	- gforge 4.6.99+svn6347-1 (low; bug #406244)
 	[sarge] - gforge <not-affected> (Vulnerable code not present)
 CVE-2007-0175 (Cross-site scripting (XSS) vulnerability in htsrv/login.php in ...)
 	- b2evolution 0.9.2-4 (bug #410568; low)