[Secure-testing-commits] r11517 - data/CVE
thijs at alioth.debian.org
thijs at alioth.debian.org
Wed Apr 1 05:13:20 UTC 2009
Author: thijs
Date: 2009-04-01 05:13:19 +0000 (Wed, 01 Apr 2009)
New Revision: 11517
Modified:
data/CVE/list
Log:
phpMyAdmin issues, all fixed in sid/squeeze, one affects lenny/etch
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-03-31 22:28:27 UTC (rev 11516)
+++ data/CVE/list 2009-04-01 05:13:19 UTC (rev 11517)
@@ -49,12 +49,19 @@
NOT-FOR-US: Siemens router
CVE-2009-1151 (Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x ...)
- phpmyadmin 4:3.1.3.1-1
+ [lenny] - phpmyadmin <unfixed> (unimportant)
+ [etch] - phpmyadmin <unfixed> (unimportant)
+ NOTE: in Debian only accessible for administrator
CVE-2009-1150 (Multiple cross-site scripting (XSS) vulnerabilities in the export page ...)
- phpmyadmin 4:3.1.3.1-1
CVE-2009-1149 (CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB ...)
- phpmyadmin 4:3.1.3.1-1
+ [etch] - phpmyadmn <not-affected> (Vulnerable code not present)
+ [lenny] - phpmyadmn <not-affected> (Vulnerable code not present)
CVE-2009-1148 (Directory traversal vulnerability in bs_disp_as_mime_type.php in the ...)
- phpmyadmin 4:3.1.3.1-1
+ [etch] - phpmyadmn <not-affected> (Vulnerable code not present)
+ [lenny] - phpmyadmn <not-affected> (Vulnerable code not present)
CVE-2009-1147
RESERVED
CVE-2009-1146
More information about the Secure-testing-commits
mailing list