[Secure-testing-commits] r16235 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Feb 23 09:16:22 UTC 2011
Author: joeyh
Date: 2011-02-23 09:16:14 +0000 (Wed, 23 Feb 2011)
New Revision: 16235
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-02-22 22:08:25 UTC (rev 16234)
+++ data/CVE/list 2011-02-23 09:16:14 UTC (rev 16235)
@@ -5320,16 +5320,19 @@
- dimp1 1.1.4+debian2-1.1 (bug #598583)
NOTE: http://lists.horde.org/archives/announce/2010/000561.html
CVE-2010-3692 (Directory traversal vulnerability in the callback function in ...)
+ {DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <unfixed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
CVE-2010-3691 (PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is ...)
+ {DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <unfixed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
CVE-2010-3690 (Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before ...)
+ {DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <unfixed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
@@ -7730,11 +7733,13 @@
CVE-2010-2797 (Directory traversal vulnerability in lib/translation.functions.php in ...)
NOT-FOR-US: CMS Made Simple
CVE-2010-2796 (Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when ...)
+ {DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <unfixed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
CVE-2010-2795 (phpCAS before 1.1.2 allows remote authenticated users to hijack ...)
+ {DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <unfixed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
More information about the Secure-testing-commits
mailing list