[Secure-testing-commits] r13810 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Thu Jan 14 02:38:47 UTC 2010


Author: gilbert-guest
Date: 2010-01-14 02:38:47 +0000 (Thu, 14 Jan 2010)
New Revision: 13810

Modified:
   data/CVE/list
Log:
fix phpmyadmin tracking; use <not-affected> for bash issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-01-14 00:57:04 UTC (rev 13809)
+++ data/CVE/list	2010-01-14 02:38:47 UTC (rev 13810)
@@ -207,9 +207,8 @@
 	TODO: check
 CVE-2009-4605 [phpMyAdmin 2.11.10 unserialize fix]
 	RESERVED
-	- phpmyadmin <not-affected> (Vulnerable code removed)
-	[lenny] - phpmyadmin <unfixed>
-	[etch] - phpmyadmin <unfixed>
+	- phpmyadmin 4:3.2.4-1
+	NOTE: vulnerable code does not in the 3.x series (sid and squeeze checked)	
 	NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13149
 CVE-2009-4594 (Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access ...)
 	NOT-FOR-US: IBM Lotus iNotes
@@ -1311,9 +1310,9 @@
 	RESERVED
 	- linux-2.6 <unfixed>
 	- linux-2.6.24 <removed>
-CVE-2010-0002
+CVE-2010-0002 [mandriva bash issue]
 	RESERVED
-	NOT-FOR-US: Mandriva bash package
+        - bash <not-affected> (mandriva-specific packaging issue)
 CVE-2010-0001
 	RESERVED
 CVE-2009-4324 (Use-after-free vulnerability in the Doc.media.newPlayer method in ...)




More information about the Secure-testing-commits mailing list