[Secure-testing-commits] r12942 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Tue Oct 6 11:07:29 UTC 2009
Author: derevko-guest
Date: 2009-10-06 11:07:29 +0000 (Tue, 06 Oct 2009)
New Revision: 12942
Modified:
data/CVE/list
Log:
- CVE-2008-6838, CVE-2008-6837 fixed in zoph 0.8.0.1-1
- backuppc patch is incomplete
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-05 22:12:43 UTC (rev 12941)
+++ data/CVE/list 2009-10-06 11:07:29 UTC (rev 12942)
@@ -2027,7 +2027,7 @@
CVE-2009-2881 (Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote ...)
NOT-FOR-US: Basilic
CVE-2009-3369 (CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in ...)
- - backuppc 3.1.0-7 (low; bug #542218)
+ - backuppc <unfixed> (low; bug #542218)
[etch] - backuppc <no-dsa> (Requires access)
[lenny] - backuppc <no-dsa> (Requires access)
CVE-2009-XXXX [burn: Insecure escaping of file names]
@@ -4163,10 +4163,10 @@
CVE-2008-6839 (Multiple cross-site scripting (XSS) vulnerabilities in TGS Content ...)
NOT-FOR-US: TGS Content Management
CVE-2008-6838 (Cross-site scripting (XSS) vulnerability in search.php in Zoph 0.7.2.1 ...)
- - zoph <unfixed> (low; bug #535188)
+ - zoph 0.8.0.1-1 (low; bug #535188)
NOTE: it seems a duplicate of CVE-2008-3258
CVE-2008-6837 (SQL injection vulnerability in Zoph 0.7.2.1 allows remote attackers to ...)
- - zoph <unfixed> (bug #535188)
+ - zoph 0.8.0.1-1 (bug #535188)
NOTE: the details are unknown
CVE-2009-2343 (Cross-site scripting (XSS) vulnerability in people.php in Zoph before ...)
- zoph <unfixed> (low; bug #535188)
More information about the Secure-testing-commits
mailing list