[Secure-testing-commits] r15327 - in data: CVE DSA
Raphael Geissert
geissert at alioth.debian.org
Wed Sep 15 00:40:00 UTC 2010
Author: geissert
Date: 2010-09-15 00:40:00 +0000 (Wed, 15 Sep 2010)
New Revision: 15327
Modified:
data/CVE/list
data/DSA/list
Log:
new issues: django, php-apc
fix DSA entry
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-14 09:14:48 UTC (rev 15326)
+++ data/CVE/list 2010-09-15 00:40:00 UTC (rev 15327)
@@ -2,6 +2,10 @@
- piwigo <unfixed>
TODO: check, secunia only reported the XSS one
NOTE: http://www.exploit-db.com/exploits/14973/
+CVE-2010-3294 [php-apc apc.php XSS]
+ - php-apc <unfixed> (unimportant)
+ NOTE: vulnerable script is, mainly, for debugging purposes
+ NOTE: and is distributed gzip-compressed
CVE-2010-3293 [mailscanner virus updates DoS]
- mailscanner <unfixed> (bug #596397; low)
NOTE: or even unimportant, the script is not used by default
@@ -551,8 +555,10 @@
RESERVED
CVE-2010-3083
RESERVED
-CVE-2010-3082
+CVE-2010-3082 [django csrf_token XSS]
RESERVED
+ - python-django <unfixed> (bug #596205)
+ NOTE: http://www.djangoproject.com/weblog/2010/sep/08/security-release/
CVE-2010-3081
RESERVED
CVE-2010-3080
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2010-09-14 09:14:48 UTC (rev 15326)
+++ data/DSA/list 2010-09-15 00:40:00 UTC (rev 15327)
@@ -1,5 +1,6 @@
-[14 Sep 2010] DSA-2108-1 - arbitrary code execution
+[14 Sep 2010] DSA-2108-1 cvsnt - arbitrary code execution
{CVE-2010-1326}
+ [lenny] - cvsnt 2.5.03.2382-3.3+lenny1
[11 Sep 2010] DSA-2097-2 phpmyadmin - several vulnerabilities
{CVE-2010-3055 CVE-2010-3056}
[lenny] - phpmyadmin 4:2.11.8.1-5+lenny6
More information about the Secure-testing-commits
mailing list