[Secure-testing-commits] r17343 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2011-10-01 10:41:04 +0000 (Sat, 01 Oct 2011)
New Revision: 17343

Modified:
   data/CVE/list
Log:
phpmyadmin CVEfied, thijs, can you doublecheck the status after the split?


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-10-01 10:33:59 UTC (rev 17342)
+++ data/CVE/list	2011-10-01 10:41:04 UTC (rev 17343)
@@ -598,10 +598,14 @@
 	RESERVED
 CVE-2011-3593
 	RESERVED
-CVE-2011-3592
+CVE-2011-3592 [phpMyAdmin did not properly sanitize the content of db, table, and column names prior use of their values.]
 	RESERVED
-CVE-2011-3591
+	- phpmyadmin 4:3.4.5-1
+CVE-2011-3591 [PMASA-2011-14 XSS]
 	RESERVED
+	- phpmyadmin 4:3.4.5-1
+	[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
+	[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2011-3590
 	RESERVED
 CVE-2011-3589
@@ -969,10 +973,6 @@
 	TODO: check
 CVE-2009-5096 (Cross-site scripting (XSS) vulnerability in the Flag Content module ...)
 	TODO: check
-CVE-2011-XXXX [PMASA-2011-14 XSS]
-	- phpmyadmin 4:3.4.5-1
-	[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-	[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2011-XXXX [Django several vulnerabilities]
 	- python-django 1.3.1-1 (bug #641405)
 	NOTE: https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/