[Secure-testing-commits] r13701 - in data: CVE NMU

Giuseppe Iuculano derevko-guest at alioth.debian.org
Sun Jan 3 10:55:57 UTC 2010 

Author: derevko-guest
Date: 2010-01-03 10:55:57 +0000 (Sun, 03 Jan 2010)
New Revision: 13701

Modified:
   data/CVE/list
   data/NMU/list
Log:
- NFUs and ITPs
- phpldapadmin NMUed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-01-03 08:25:45 UTC (rev 13700)
+++ data/CVE/list	2010-01-03 10:55:57 UTC (rev 13701)
@@ -70,7 +70,7 @@
 CVE-2009-4428 (SQL injection vulnerability in the JoomPortfolio (com_joomportfolio) ...)
 	NOT-FOR-US: Joomla addon
 CVE-2009-4427 (Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 ...)
-	- phpldapadmin <unfixed> (medium; bug #561975)
+	- phpldapadmin 1.1.0.7-1.1 (medium; bug #561975)
 CVE-2009-4426 (Multiple directory traversal vulnerabilities in Ignition 1.2, when ...)
 	NOT-FOR-US: Ignition
 CVE-2009-4425 (Cross-site scripting (XSS) vulnerability in index.php in iDevCart 1.09 ...)
@@ -948,7 +948,6 @@
 	RESERVED
 CVE-2009-4140 (Unrestricted file upload vulnerability in ofc_upload_image.php in Open ...)
 	- piwik <itp> (bug #506933)
-	TODO: check
 CVE-2009-4139
 	RESERVED
 CVE-2009-4138 (drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when ...)
@@ -971,7 +970,6 @@
 	RESERVED
 CVE-2009-4133 (Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for ...)
 	- condor <itp> (bug #233482)
-	TODO: check
 CVE-2009-4132
 	REJECTED
 CVE-2009-4131 (The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ...)
@@ -2257,9 +2255,9 @@
 CVE-2009-3704 (ZoIPer 2.22, and possibly other versions before 2.24 Library 5324, ...)
 	NOT-FOR-US: ZoIPer
 CVE-2009-3703 (Multiple SQL injection vulnerabilities in the WP-Forum plugin before ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2009-3702 (Multiple absolute path traversal vulnerabilities in PHP-Calendar 1.1 ...)
-	TODO: check
+	NOT-FOR-US: PHP-Calendar
 CVE-2009-3701 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
 	- horde3 3.3.6+debian0-1 (low)
 	[lenny] - horde3 <no-dsa> (minor issue)
@@ -8311,9 +8309,9 @@
 	[etch] - cacti 0.8.6i-3.3
 	NOTE: Fixed in DSA-1569-1
 CVE-2009-1798 (Multiple cross-site scripting (XSS) vulnerabilities on the Network ...)
-	TODO: check
+	NOT-FOR-US: APC
 CVE-2009-1797 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
-	TODO: check
+	NOT-FOR-US: APC
 CVE-2009-1796 (Cross-site scripting (XSS) vulnerability in Sun Java System Portal ...)
 	NOT-FOR-US: Sun Java System Portal Server
 CVE-2009-1795

Modified: data/NMU/list
===================================================================
--- data/NMU/list	2010-01-03 08:25:45 UTC (rev 13700)
+++ data/NMU/list	2010-01-03 10:55:57 UTC (rev 13701)
@@ -181,3 +181,4 @@
 2009-12-06 libstruts1.2-java 1.2.9-3.1
 2009-12-16 cacti 0.8.7e-1.1
 2009-12-24 poppler 0.12.2-2.1
+2010-01-02 phpldapadmin 1.1.0.7-1.1

More information about the Secure-testing-commits mailing list