[Secure-testing-commits] r9448 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Mon Jul 28 15:29:20 UTC 2008


Author: white
Date: 2008-07-28 15:29:19 +0000 (Mon, 28 Jul 2008)
New Revision: 9448

Modified:
   data/CVE/list
Log:
One mantis issue fixed

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-07-28 15:21:45 UTC (rev 9447)
+++ data/CVE/list	2008-07-28 15:29:19 UTC (rev 9448)
@@ -9,7 +9,9 @@
 CVE-2008-3334 (Cross-site scripting (XSS) vulnerability in MyBB 1.2.x before 1.2.14 ...)
 	NOT-FOR-US: MyBB
 CVE-2008-3333 (Directory traversal vulnerability in core/lang_api.php in Mantis ...)
-	TODO: check
+	- mantis 1.1.2+dfsg-2
+	NOTE: I've marked the above version as fixed, however I am not sure if it wasn't fixed
+	NOTE: earlier. However, lenny is fixed and it is not in etch and sarge is not supported anymore.
 CVE-2008-3332 (Eval injection vulnerability in adm_config_set.php in Mantis before ...)
 	TODO: check
 CVE-2008-3331 (Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php ...)




More information about the Secure-testing-commits mailing list