[Secure-testing-commits] r10315 - in data: . CVE
atomo64-guest at alioth.debian.org
atomo64-guest at alioth.debian.org
Thu Nov 6 21:58:30 UTC 2008
Author: atomo64-guest
Date: 2008-11-06 21:58:29 +0000 (Thu, 06 Nov 2008)
New Revision: 10315
Modified:
data/CVE/list
data/embedded-code-copies
Log:
Know about typo's itp and the copy of webcalendar in gforge-plugins-extra
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-11-06 21:52:36 UTC (rev 10314)
+++ data/CVE/list 2008-11-06 21:58:29 UTC (rev 10315)
@@ -169,11 +169,11 @@
CVE-2008-4906 (SQL injection vulnerability in lyrics_song.php in the Lyrics ...)
NOT-FOR-US: Lyrics (lyrics_menu) plugin for e107
CVE-2008-4905 (Typo 5.1.3 and earlier uses a hard-coded salt for calculating password ...)
- NOT-FOR-US: Typo (blog engine)
+ - typo <itp> (bug #379399)
CVE-2008-4904 (SQL injection vulnerability in the "Manage pages" feature ...)
- NOT-FOR-US: Typo (blog engine)
+ - typo <itp> (bug #379399)
CVE-2008-4903 (Cross-site scripting (XSS) vulnerability in the leave comment ...)
- NOT-FOR-US: Typo (blog engine)
+ - typo <itp> (bug #379399)
CVE-2008-4902 (SQL injection vulnerability in contact_author.php in Article Publisher ...)
NOT-FOR-US: Article Publisher
CVE-2008-4901 (SQL injection vulnerability in admin/admin.php in Article Publisher ...)
@@ -5150,6 +5150,7 @@
NOT-FOR-US: CMS-BRD
CVE-2008-2836 (PHP remote file inclusion vulnerability in send_reminders.php in ...)
- webcalendar 1.0.5-1 (low)
+ - gforge-plugins-extra <not-affected> (code in lenny internally sets its own path)
CVE-2008-2835 (SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows ...)
NOT-FOR-US: IGSuite
CVE-2008-2834 (SQL injection vulnerability in projects.php in Scientific Image ...)
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2008-11-06 21:52:36 UTC (rev 10314)
+++ data/embedded-code-copies 2008-11-06 21:58:29 UTC (rev 10315)
@@ -670,3 +670,6 @@
geshi
- dokuwiki <unfixed> (embed)
- pgfouine <unfixed> (embed)
+
+webcalendar
+ - gforge-plugins-extra <unfixed> (embed; bug #504758)
More information about the Secure-testing-commits
mailing list