[Secure-testing-commits] r16910 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Thu Jul 7 08:21:43 UTC 2011
Author: thijs
Date: 2011-07-07 08:21:42 +0000 (Thu, 07 Jul 2011)
New Revision: 16910
Modified:
data/CVE/list
Log:
new pma issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-07-07 06:36:24 UTC (rev 16909)
+++ data/CVE/list 2011-07-07 08:21:42 UTC (rev 16910)
@@ -321,14 +321,22 @@
[lenny] - dokuwiki <no-dsa> (Minor issue)
CVE-2011-2509
RESERVED
-CVE-2011-2508
+CVE-2011-2508 [PMASA-2011-8 filtering of a file path, which allowed for directory traversal]
RESERVED
-CVE-2011-2507
+ - phpmyadmin 4:3.4.3.1-1
+CVE-2011-2507 [PMASA-2011-7 regexp quoting issue in Synchronize code]
RESERVED
-CVE-2011-2506
+ - phpmyadmin 4:3.4.3.1-1 (unimportant)
+ [lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
+ NOTE: neutralized by Suhosin patch
+CVE-2011-2506 [PMASA-2011-6 possible code injection in case session variables are compromised]
RESERVED
-CVE-2011-2505
+ - phpmyadmin 4:3.4.3.1-1 (low)
+ [lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
+CVE-2011-2505 [PMASA-2011-5 possible session manipulation in swekey authentication]
RESERVED
+ - phpmyadmin 4:3.4.3.1-1
+ [lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2011-2504
RESERVED
CVE-2011-2503
More information about the Secure-testing-commits
mailing list