[Secure-testing-commits] r12665 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Sun Aug 23 09:48:21 UTC 2009
Author: derevko-guest
Date: 2009-08-23 09:48:21 +0000 (Sun, 23 Aug 2009)
New Revision: 12665
Modified:
data/CVE/list
Log:
wordpress etch triaging
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-08-23 09:14:18 UTC (rev 12664)
+++ data/CVE/list 2009-08-23 09:48:21 UTC (rev 12665)
@@ -19048,6 +19048,7 @@
NOT-FOR-US: Novell GroupWise
CVE-2008-2068 (Cross-site scripting (XSS) vulnerability in WordPress 2.5 allows ...)
- wordpress 2.5.1-1
+ [etch] - wordpress <not-affected> (Vulnerable code not present)
CVE-2008-2067 (SQL injection vulnerability in bb_admin.php in miniBB 2.2a allows ...)
NOT-FOR-US: miniBB
CVE-2008-2066 (Cross-site scripting (XSS) vulnerability in bb_admin.php in miniBB ...)
@@ -23549,6 +23550,7 @@
NOT-FOR-US: WP-ContactForm plugin for WordPress
CVE-2008-0196 (Multiple directory traversal vulnerabilities in WordPress 2.0.11 and ...)
- wordpress 2.3.3-1
+ [etch] - wordpress <no-dsa> (Auth is needed and attacker should have permissions to edit files)
CVE-2008-0195 (WordPress 2.0.11 and earlier allows remote attackers to obtain ...)
- wordpress <unfixed> (unimportant)
NOTE: full path and DB structure already known on Debian
More information about the Secure-testing-commits
mailing list