[Secure-testing-commits] r13798 - data/CVE

Wed Jan 13 15:38:09 UTC 2010

Author: thijs
Date: 2010-01-13 15:38:08 +0000 (Wed, 13 Jan 2010)
New Revision: 13798

Modified:
   data/CVE/list
Log:
newly assigned phpmyadmin issues. need to investigate whether impact on
Debian is real


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2010-01-13 09:15:03 UTC (rev 13797)
+++ data/CVE/list	2010-01-13 15:38:08 UTC (rev 13798)
@@ -115,6 +115,11 @@
 	NOT-FOR-US: Kingston USB flash drives
 CVE-2010-0220 (The nsObserverList::FillObserverArray function in ...)
 	TODO: check
+CVE-2009-4605 [phpMyAdmin 2.11.10 unserialize fix]
+	- phpmyadmin <not-affected> (Vulnerable code removed)
+	[lenny] - phpmyadmin <unfixed>
+	[etch] - phpmyadmin <unfixed>
+	NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13149
 CVE-2009-4594 (Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access ...)
 	NOT-FOR-US: IBM Lotus iNotes
 CVE-2009-4593 (The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not ...)
@@ -681,6 +686,12 @@
 	NOT-FOR-US: Auto-Surf Traffic Exchange Script
 CVE-2009-4459 (Redmine 0.8.7 and earlier uses the title tag before defining the ...)
 	- redmine <unfixed> (bug #563940)
+CVE-2008-7252 [phpMyAdmin tempfile issue]
+	- phpmyadmin 4:3.0.0-1
+	NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528
+CVE-2008-7251 [phpMyAdmin tempfile issue]
+	- phpmyadmin 4:3.0.0-1
+	NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536
 CVE-2008-7250 (Cross-site scripting (XSS) vulnerability in Squid Analysis Report ...)
 	- sarg 2.2.5-1 (low)
 CVE-2008-7249 (Buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1, and ...)


