[Secure-testing-commits] r12699 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Fri Aug 28 11:58:53 UTC 2009
Author: derevko-guest
Date: 2009-08-28 11:58:52 +0000 (Fri, 28 Aug 2009)
New Revision: 12699
Modified:
data/CVE/list
Log:
- NFUs
- buildbot 0.7.11p3-1 fixed also CVE-2009-2967
- CVE-2009-0668, CVE-2009-0669 fixed in zodb 1:3.8.2-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-08-27 21:14:19 UTC (rev 12698)
+++ data/CVE/list 2009-08-28 11:58:52 UTC (rev 12699)
@@ -7,29 +7,30 @@
CVE-2009-2968
RESERVED
CVE-2009-2967 (Multiple cross-site scripting (XSS) vulnerabilities in Buildbot 0.7.6 ...)
- TODO: check
+ - buildbot 0.7.11p3-1
+ [etch] - buildbot <not-affected> (According to the vendor 0.7.5 and earlier are not affected)
CVE-2008-7094 (Campaign/CampaignListener in the listener server in Unica Affinium ...)
- TODO: check
+ NOT-FOR-US: Affinium Campaign
CVE-2008-7093 (Multiple directory traversal vulnerabilities in Unica Affinium ...)
- TODO: check
+ NOT-FOR-US: Affinium Campaign
CVE-2008-7092 (Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium ...)
- TODO: check
+ NOT-FOR-US: Affinium Campaign
CVE-2008-7091 (Multiple SQL injection vulnerabilities in Pligg 9.9 and earlier allow ...)
- TODO: check
+ NOT-FOR-US: Pligg
CVE-2008-7090 (Multiple directory traversal vulnerabilities in Pligg 9.9 and earlier ...)
- TODO: check
+ NOT-FOR-US: Pligg
CVE-2008-7089 (Cross-site scripting (XSS) vulnerability in Pligg 9.9 and earlier ...)
- TODO: check
+ NOT-FOR-US: Pligg
CVE-2008-7088 (Unrestricted file upload vulnerability in upload.php in PhotoPost ...)
- TODO: check
+ NOT-FOR-US: PhotoPost vBGallery
CVE-2008-7087 (PHP remote file inclusion vulnerability in search_wA.php in OpenPro ...)
- TODO: check
+ NOT-FOR-US: OpenPro
CVE-2008-7086 (Maian Greetings 2.1 allows remote attackers to bypass authentication ...)
- TODO: check
+ NOT-FOR-US: Maian Greetings
CVE-2008-7085 (Multiple SQL injection vulnerabilities in TheHockeyStop HockeySTATS ...)
- TODO: check
+ NOT-FOR-US: TheHockeyStop HockeySTATS Online
CVE-2008-7084 (Directory traversal vulnerability in the web server 1.0 in Velocity ...)
- TODO: check
+ NOT-FOR-US: Velocity Security Management System
CVE-2009-2966 (avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus ...)
NOT-FOR-US: Kaspersky Internet Security
CVE-2009-2965 (Cross-site scripting (XSS) vulnerability in entry/index.jsp in ...)
@@ -7556,14 +7557,14 @@
- zope2.11 2.11.4-1 (bug #540463)
- zope2.10 2.10.9-1 (bug #540464)
- zope2.9 <removed>
- - zodb <unfixed> (bug #540465)
+ - zodb 1:3.8.2-1 (bug #540465)
CVE-2009-0668 (Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, ...)
{DSA-1863-1}
- zope3 <unfixed> (medium; bug #540462)
- zope2.11 2.11.4-1 (medium; bug #540463)
- zope2.10 2.10.9-1 (medium; bug #540464)
- zope2.9 <removed>
- - zodb <unfixed> (medium; bug #540465)
+ - zodb 1:3.8.2-1 (medium; bug #540465)
CVE-2009-0667 (Untrusted search path vulnerability in Agent/Backend.pm in ...)
{DSA-1828-1}
- ocsinventory-agent 1:0.0.9.2repack1-5 (medium; bug #506416)
More information about the Secure-testing-commits
mailing list