[Secure-testing-commits] r9088 - in data: CVE DSA

[thijs at alioth.debian.org]

Author: thijs
Date: 2008-06-17 09:25:21 +0000 (Tue, 17 Jun 2008)
New Revision: 9088

Modified:
   data/CVE/list
   data/DSA/list
Log:
typo3 got CVE


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-06-16 21:33:34 UTC (rev 9087)
+++ data/CVE/list	2008-06-17 09:25:21 UTC (rev 9088)
@@ -19,10 +19,8 @@
 	- gallery2 2.2.5-1 (low; bug #485947)
 	- gallery <not-affected> (Vulnerable code not present, different codebase)
 	NOTE: CVE id request was already on oss-security
-CVE-2008-XXXX [typo3 code execution & xss]
+CVE-2008-2717 [typo3 code execution & xss]
 	- typo3-src 4.1.7-1 (bug #485814)
-	NOTE: CVE id requested
-	NOTE: fixed in DSA 1596-1, but no CVE yet
 CVE-2008-2685 (SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 ...)
 	NOT-FOR-US: Battle Blog
 CVE-2008-2684 (The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2008-06-16 21:33:34 UTC (rev 9087)
+++ data/DSA/list	2008-06-17 09:25:21 UTC (rev 9088)
@@ -2,6 +2,7 @@
 	{CVE-2007-5824 CVE-2007-5825 CVE-2008-1771}
 	[etch] - mt-daapd 0.2.4+r1376-1.1+etch1
 [12 Jun 2008] DSA-1596-1 typo3-src - several vulnerabilities
+	{CVE-2008-2717}
 	[etch] - typo3-src 4.0.2+debian-5
 [11 Jun 2008] DSA-1595-1 xorg-server - several vulnerabilities
 	{CVE-2008-1377 CVE-2008-1379 CVE-2008-2360 CVE-2008-2361 CVE-2008-2362}