[Secure-testing-commits] r16997 - in data: CVE DSA

Thijs Kinkhorst thijs at alioth.debian.org
Tue Jul 26 19:13:36 UTC 2011 

Author: thijs
Date: 2011-07-26 19:13:36 +0000 (Tue, 26 Jul 2011)
New Revision: 16997

Modified:
   data/CVE/list
   data/DSA/list
Log:
DSA-2286-1 and further specification of affectedness


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-07-26 18:54:14 UTC (rev 16996)
+++ data/CVE/list	2011-07-26 19:13:36 UTC (rev 16997)
@@ -1,5 +1,10 @@
-CVE-2011-XXXX [PMASA-2011-11..12 phpMyAdmin various]
+CVE-2011-XXXX [PMASA-2011-12 phpMyAdmin Possible superglobal and local variables manipulation in swekey authentication.]
+	- phpmyadmin 4:3.4.3.2-1 (low)
+	[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
+CVE-2011-XXXX [PMASA-2011-11 phpMyAdmin Local file inclusion vulnerability and code execution.]
 	- phpmyadmin 4:3.4.3.2-1
+	[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
+	[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2011-2883 (The NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access ...)
 	NOT-FOR-US: Citrix Access Gateway
 CVE-2011-2882 (Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control ...)
@@ -522,6 +527,8 @@
 CVE-2011-2643 [PMASA-2011-10 Local file inclusion.]
 	RESERVED
 	- phpmyadmin 4:3.4.3.2-1
+	[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
+	[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2011-2642 [PMASA-2011-9 XSS in table Print view.]
 	RESERVED
 	- phpmyadmin 4:3.4.3.2-1
@@ -867,6 +874,7 @@
 	RESERVED
 CVE-2011-2508 (Directory traversal vulnerability in libraries/display_tbl.lib.php in ...)
 	- phpmyadmin 4:3.4.3.1-1
+	[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2011-2507 (libraries/server_synchronize.lib.php in the Synchronize implementation ...)
 	- phpmyadmin 4:3.4.3.1-1 (unimportant)
 	[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2011-07-26 18:54:14 UTC (rev 16996)
+++ data/DSA/list	2011-07-26 19:13:36 UTC (rev 16997)
@@ -1,3 +1,7 @@
+[26 Jul 2011] DSA-2286-1 phpymadmin - several
+	{CVE-2011-2505 CVE-2011-2506 CVE-2011-2507 CVE-2011-2508 CVE-2011-2642}
+	[squeeze] - phpmyadmin 4:3.3.7-6
+	[lenny] - phpmyadmin 4:2.11.8.1-5+lenny9
 [26 Jul 2011] DSA-2285-1 mapserver - several
 	{CVE-2011-2703 CVE-2011-2704}
 	[squeeze] - mapserver 5.6.5-2+squeeze2

More information about the Secure-testing-commits mailing list