[Secure-testing-commits] r12693 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Aug 27 09:14:15 UTC 2009
Author: joeyh
Date: 2009-08-27 09:14:15 +0000 (Thu, 27 Aug 2009)
New Revision: 12693
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-08-27 07:44:24 UTC (rev 12692)
+++ data/CVE/list 2009-08-27 09:14:15 UTC (rev 12693)
@@ -379,15 +379,15 @@
CVE-2009-2855 (The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 ...)
- squid <unfixed> (low; bug #534982)
CVE-2009-2854 (Wordpress before 2.8.3 does not check capabilities for certain ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1
CVE-2009-2853 (Wordpress before 2.8.3 allows remote attackers to gain privileges via ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1
CVE-2009-2852 (WP-Syntax plugin 0.9.1 and earlier for Wordpress, with ...)
NOT-FOR-US: WP-Syntax plugin
CVE-2009-2851 (Cross-site scripting (XSS) vulnerability in the administrator ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low)
CVE-2009-2850 (Multiple buffer overflows in NASA Common Data Format (CDF) allow ...)
NOT-FOR-US: NASA Common Data Format
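Review bot: The log message "automatic update" gives no hint of what this revision records, although the three changed lines in this hunk (under CVE-2009-2854, CVE-2009-2853 and CVE-2009-2851) all do the same thing: they prepend DSA-1871-2 to the existing {DSA-1871-1} cross-reference. Having the update script name the advisory it is cross-referencing in the log line would let anyone scanning the revision history find this change without opening the diff.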
@@ -2072,7 +2072,7 @@
- wordpress 2.8.3-1 (unimportant; bug #536724)
NOTE: Minor information leak
CVE-2009-2334 (wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low; bug #536724)
CVE-2009-2333 (Multiple directory traversal vulnerabilities in CMS Chainuk 1.2 and ...)
NOT-FOR-US: CMS Chainuk
@@ -4469,7 +4469,7 @@
CVE-2009-1450 (PHP remote file inclusion vulnerability in format.php in SMA-DB 0.3.12 ...)
NOT-FOR-US: SMA-DB
CVE-2008-6767 (wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low; bug #531736)
NOTE: low impact, probably no-dsa
CVE-2008-6766 (cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote ...)
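Review bot: The unchanged line "NOTE: low impact, probably no-dsa" under CVE-2008-6767 now contradicts the entry's own cross-reference, which already listed DSA-1871-1 and with this change also lists DSA-1871-2. Drop the note or reword it to say the issue was handled in the DSA despite its low impact. The CVE-2008-6762 entry in the next hunk carries the same stale note.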
@@ -4481,7 +4481,7 @@
CVE-2008-6763 (login2.php in Silentum LoginSys 1.0.0 allows remote attackers to ...)
NOT-FOR-US: Silentum LoginSys
CVE-2008-6762 (Open redirect vulnerability in wp-admin/upgrade.php in WordPress, ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low; bug #531736)
NOTE: low impact, probably no-dsa
CVE-2008-6761 (Static code injection vulnerability in admin/install.php in ...)
@@ -12314,7 +12314,7 @@
CVE-2008-XXXX [yzis insecure temp file]
- yzis 1.0~alpha1-2 (bug #504680)
CVE-2008-5113 (WordPress 2.6.3 relies on the REQUEST superglobal array in certain ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-10 (bug #504771)
CVE-2008-4990 (Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before ...)
NOT-FOR-US: Enomalism
@@ -12695,7 +12695,7 @@
CVE-2008-4797 (Directory traversal vulnerability in Arihiro Kurata Kantan WEB Server ...)
NOT-FOR-US: Arihiro Kurata Kantan WEB Server
CVE-2008-4796 (The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 ...)
- {DSA-1871-1 DSA-1691-1}
+ {DSA-1871-2 DSA-1871-1 DSA-1691-1}
- libphp-snoopy 1.2.4-1 (bug #504168; medium)
- ampache 3.4.1-2 (bug #504169)
- mahara 1.0.5-2 (bug #504170)
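Review bot: The package lines visible under CVE-2008-4796 name libphp-snoopy, ampache and mahara but no wordpress, while every other entry tagged DSA-1871 in this diff has a wordpress line. The hunk context ends after the mahara line, so check whether a wordpress line follows further down the entry. If it does not, add one with its fixed version so the new DSA-1871-2 reference maps to a package actually listed for this CVE.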
@@ -12768,7 +12768,7 @@
- ekg 1:1.8~rc0-1 (low)
TODO: check other embedding packages
CVE-2008-4769 (Directory traversal vulnerability in the get_category_template ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-1
CVE-2008-4768 (SQL injection vulnerability in TLM CMS 3.1 allows remote attackers to ...)
NOT-FOR-US: TLM CMS
@@ -14332,7 +14332,7 @@
NOTE: the rand() and mt_rand() functions were never said to be cryptographically strong
NOTE: http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html
CVE-2008-4106 (WordPress before 2.6.2 does not properly handle MySQL warnings about ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-8 (bug #500115)
CVE-2008-4105 (JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that ...)
NOT-FOR-US: Joomla
@@ -20899,7 +20899,7 @@
- serendipity 1.3-1
NOTE: http://blog.s9y.org/archives/192-Serendipity-1.3-released-addresses-security.html
CVE-2008-1502 (The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in ...)
- {DSA-1871-1 DSA-1691-1}
+ {DSA-1871-2 DSA-1871-1 DSA-1691-1}
- egroupware 1.4.002.dfsg-2.1 (bug #471839)
- wordpress 2.5.0-1 (bug #504243)
- moodle 1.8.2-1.3 (bug #489533)