[Secure-testing-commits] r8401 - in data: CVE DSA
thijs at alioth.debian.org
thijs at alioth.debian.org
Tue Mar 25 08:32:08 UTC 2008
Author: thijs
Date: 2008-03-25 08:32:07 +0000 (Tue, 25 Mar 2008)
New Revision: 8401
Modified:
data/CVE/list
data/DSA/list
Log:
CVE id assigned to serendipity
remove no-dsa annotation for minor issue included in cumulative DSA
correct CVE id typo for old PHP advisory
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-03-24 21:14:09 UTC (rev 8400)
+++ data/CVE/list 2008-03-25 08:32:07 UTC (rev 8401)
@@ -1,9 +1,6 @@
-CVE-2008-XXXX [Serendipity XSS in trackbacks]
+CVE-2008-1476 [Serendipity XSS in trackbacks]
- serendipity 1.3-1
- [etch] - serendipity 1.0.4-1+etch1
- NOTE: no CVE id available at time of DSA release
NOTE: http://blog.s9y.org/archives/192-Serendipity-1.3-released-addresses-security.html
- NOTE: CVE id requested
CVE-2008-XXXX [multiple security issues in kses as used in egroupware]
- egroupware 1.4.002.dfsg-2.1 (bug #471839)
CVE-2008-XXXX [OTRS osa-2008-01]
@@ -4340,7 +4337,6 @@
CVE-2007-6205 (Cross-site scripting (XSS) vulnerability in the remote RSS sidebar ...)
{DSA-1528-1}
- serendipity 1.2.1-1 (low)
- [etch] - serendipity <no-dsa> (Can only be exploited in rare conditions)
CVE-2007-6204 (Multiple stack-based buffer overflows in HP OpenView Network Node ...)
NOT-FOR-US: HP OpenView
CVE-2007-6203 (Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method ...)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2008-03-24 21:14:09 UTC (rev 8400)
+++ data/DSA/list 2008-03-25 08:32:07 UTC (rev 8401)
@@ -1,5 +1,5 @@
[24 Mar 2008] DSA-1528-1 serendipity - cross site scripting
- {CVE-2007-6205 CVE-2008-0124}
+ {CVE-2007-6205 CVE-2008-0124 CVE-2008-1476}
[etch] - serendipity 1.0.4-1+etch1
[24 Mar 2008] DSA-1527-1 debian-goodies - privilege escalation
{CVE-2007-3912}
@@ -995,7 +995,7 @@
{CVE-2006-6497 CVE-2006-6498 CVE-2006-6499 CVE-2006-6501 CVE-2006-6502 CVE-2006-6503 CVE-2006-6505}
[sarge] - mozilla 2:1.7.8-1sarge10
[07 Mar 2007] DSA-1264-1 php4
- {CVE-2007-0906 CVE-2007-0907 CVE-2006-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988}
+ {CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988}
[sarge] - php4 4:4.3.10-19
[06 Mar 2007] DSA-1263-1 clamav
{CVE-2007-0897 CVE-2007-0898 CVE-2007-0899}
More information about the Secure-testing-commits
mailing list