[Secure-testing-commits] r11567 - data/CVE

Nico Golde nion at alioth.debian.org
Mon Apr 6 16:12:03 UTC 2009 

Author: nion
Date: 2009-04-06 16:12:03 +0000 (Mon, 06 Apr 2009)
New Revision: 11567

Modified:
   data/CVE/list
Log:
spip made it back into debian with a lot of fixed issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-04-06 16:07:20 UTC (rev 11566)
+++ data/CVE/list	2009-04-06 16:12:03 UTC (rev 11567)
@@ -4411,9 +4411,9 @@
 	TODO: check php4
 	NOTE: there's not enough information available, no known bug, no known fix
 CVE-2008-5813 (SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before ...)
-	NOT-FOR-US: SPIP
+	- spip 2.0.6-1
 CVE-2008-5812 (Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 ...)
-	NOT-FOR-US: SPIP
+	- spip 2.0.6-1
 CVE-2008-5811 (SQL injection vulnerability in the PaxGallery (com_paxgallery) ...)
 	NOT-FOR-US: joomla
 CVE-2008-5810 (WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, ...)
@@ -24721,7 +24721,7 @@
 CVE-2007-4526 (The Client Login Extension (CLE) in Novell Identity Manager before ...)
 	NOT-FOR-US: Novell Identity Manager
 CVE-2007-4525 (** DISPUTED ** ...)
-	NOT-FOR-US: SPIP (was in unstable some time, but not in any supported release)
+	- spip 2.0.6-1
 CVE-2007-4524 (PHP remote file inclusion vulnerability in adisplay.php in PhPress ...)
 	NOT-FOR-US: PhPress
 CVE-2007-4523 (Multiple cross-site scripting (XSS) vulnerabilities in Ripe Website ...)
@@ -48153,7 +48153,7 @@
 CVE-2006-1703 (PHP remote file inclusion vulnerability in lire.php in Sire 2.0 nws ...)
 	NOT-FOR-US: Sire 2.0 nws
 CVE-2006-1702 (PHP remote file inclusion vulnerability in spip_login.php3 in SPIP ...)
-	NOT-FOR-US: SPIP
+	- spip 2.0.6-1
 CVE-2006-1701 (Cross-site scripting (XSS) vulnerability in the Pages module in ...)
 	NOT-FOR-US: Shadowed Portal
 CVE-2006-1700 (Buy.php in Aweb Scripts Seller uses predictable cookies for ...)
@@ -49155,7 +49155,7 @@
 CVE-2006-1296 (Untrusted search path vulnerability in Beagle 0.2.2.1 might allow ...)
 	- beagle 0.2.3-1 (bug #357392; low)
 CVE-2006-1295 (Cross-site scripting (XSS) vulnerability in recherche.php3 in SPIP ...)
-	NOT-FOR-US: SPIP
+	- spip 2.0.6-1
 CVE-2006-1294 (PHP remote file include vulnerability in PageController.php in ...)
 	NOT-FOR-US: KnowledgebasePublisher
 CVE-2006-1293 (Cross-site scripting (XSS) vulnerability in index.php in Contrexx CMS ...)
@@ -50986,16 +50986,16 @@
 CVE-2006-0520 (SQL injection vulnerability index.php in Dragoran Portal module 1.3 ...)
 	NOT-FOR-US: Invision Power Board
 CVE-2006-0519 (SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows ...)
-	- spip <removed> (medium; bug #351336)
+	- spip 2.0.6-1 (medium; bug #351336)
 CVE-2006-0518 (Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e ...)
-	- spip <removed> (medium; bug #351335)
+	- spip 2.0.6-1 (medium; bug #351335)
 CVE-2006-0517 (Multiple SQL injection vulnerabilities in ...)
-	- spip <removed> (medium; bug #351334)
+	- spip 2.0.6-1 (medium; bug #351334)
 CVE-2006-0625 (Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and ...)
-	- spip <removed> (medium; bug #352076)
+	- spip 2.0.6-1 (medium; bug #352076)
 	NOTE: http://www.securityfocus.com/bid/16556
 CVE-2006-0626 (SQL injection vulnerability in spip_acces_doc.php3 in SPIP 1.8.2g and ...)
-	- spip <removed> (medium; bug #352077)
+	- spip 2.0.6-1 (medium; bug #352077)
 	NOTE: http://www.securityfocus.com/bid/16551
 CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris 10 64 ...)
 	NOT-FOR-US: Solaris

More information about the Secure-testing-commits mailing list