[Secure-testing-commits] r15091 - data/CVE

Sun Aug 1 14:46:46 UTC 2010

Author: nion
Date: 2010-08-01 14:46:45 +0000 (Sun, 01 Aug 2010)
New Revision: 15091

Modified:
   data/CVE/list
Log:
CVE-2010-2491 fixed in roundup 1.4.13-3.1
CVE-2010-2006 fixed in mydms 1.7.2+1.7.3-1.1


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2010-08-01 09:30:15 UTC (rev 15090)
+++ data/CVE/list	2010-08-01 14:46:45 UTC (rev 15091)
@@ -1087,7 +1087,7 @@
 	RESERVED
 CVE-2010-2491 [roundup XSS]
 	RESERVED
-	- roundup <unfixed> (bug #590769)
+	- roundup 1.4.13-3.1 (bug #590769)
 	NOTE: http://bugs.gentoo.org/show_bug.cgi?id=326395
 	NOTE: http://roundup.svn.sourceforge.net/viewvc/roundup?view=revision&revision=4486
 CVE-2010-2490 [murmur DoS via malformed client query]
@@ -2308,7 +2308,7 @@
 	- mydms <unfixed> (bug #590904; medium)
 	NOTE: seems to have changed name to letoDMS
 CVE-2010-2006 (Directory traversal vulnerability in op/op.Login.php in LetoDMS ...)
-	- mydms <unfixed> (bug #582587; medium)
+	- mydms 1.7.2+1.7.3-1.1 (bug #582587; medium)
 	NOTE: seems to have changed name to letoDMS
 CVE-2010-2005 (Multiple PHP remote file inclusion vulnerabilities in DataLife Engine ...)
 	NOT-FOR-US: Datalife Engine


