[Secure-testing-commits] r11471 - data/CVE

atomo64-guest at alioth.debian.org atomo64-guest at alioth.debian.org
Wed Mar 25 04:45:25 UTC 2009


Author: atomo64-guest
Date: 2009-03-25 04:45:24 +0000 (Wed, 25 Mar 2009)
New Revision: 11471

Modified:
   data/CVE/list
Log:
phpBB3 issue CVEified, postgresql issue processed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-03-24 21:14:16 UTC (rev 11470)
+++ data/CVE/list	2009-03-25 04:45:24 UTC (rev 11471)
@@ -23,9 +23,7 @@
 CVE-2008-6508 (Directory traversal vulnerability in the AuthCheck filter in the Admin ...)
 	TODO: check
 CVE-2008-6507 (Unspecified vulnerability in phpBB before 3.0.4 allows attackers to ...)
-	TODO: check
-CVE-2008-6506 (Unspecified vulnerability in phpBB before 3.0.4 allows attackers to ...)
-	TODO: check
+	- phpbb3 3.0.2-4
 CVE-2008-6505 (Multiple directory traversal vulnerabilities in Apache Struts 2.0.x ...)
 	TODO: check
 CVE-2008-6504 (ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and ...)
@@ -317,7 +315,10 @@
 CVE-2009-0923 (Unspecified vulnerability in Kerberos Incremental Propagation in ...)
 	NOT-FOR-US: Solaris
 CVE-2009-0922 (PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows ...)
-	TODO: check
+	- postgresql-8.3 8.3.7-1 (bug #517405)
+	[etch] - postgresql-8.1 <unfixed>
+	[etch] - postgresql-7.4 <unfixed>
+	TODO: check if DSAs are required
 CVE-2008-6481 (SQL injection vulnerability in the Versioning component ...)
 	NOT-FOR-US: Versioning component (com_versioning) in Joomla! and Mambo 
 CVE-2009-0921
@@ -4397,7 +4398,7 @@
 CVE-2008-5557 (Heap-based buffer overflow in ...)
 	{DTSA-188-1}
 	- php5 5.2.6.dfsg.1-1 (bug #511493)
-CVE-2008-XXXX [phpBB3 Account Re-activation Security Bypass]
+CVE-2008-6506 [phpBB3 Account Re-activation Security Bypass]
 	- phpbb3 3.0.2-4 (low; bug #508872)
 CVE-2008-5556 (** DISPUTED ** ...)
 	NOT-FOR-US: Microsoft Internet Explorer




More information about the Secure-testing-commits mailing list