[Secure-testing-commits] r19523 - data/CVE
Luk Claes
luk at alioth.debian.org
Sun Jun 17 16:29:16 UTC 2012
Author: luk
Date: 2012-06-17 16:29:15 +0000 (Sun, 17 Jun 2012)
New Revision: 19523
Modified:
data/CVE/list
Log:
mark smarty as removed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-06-17 15:55:00 UTC (rev 19522)
+++ data/CVE/list 2012-06-17 16:29:15 UTC (rev 19523)
@@ -20919,7 +20919,7 @@
NOTE: http://www.exploit-db.com/exploits/16129/
CVE-2011-XXXX [incorrect handling of {$smarty.template} and {$smarty.current_dir}]
- smarty3 <unfixed> (unimportant)
- - smarty <unfixed> (unimportant)
+ - smarty <removed> (unimportant)
NOTE: http://www.smarty.net/forums/viewtopic.php?t=18815
NOTE: http://code.google.com/p/smarty-php/source/detail?r=3989
NOTE: non-issue in practice, if you can place arbitrary template files you have worse problems
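Review bot: The smarty3 line just above the changed line still reads "<unfixed> (unimportant)", although the entry carries a NOTE pointing at upstream revision r=3989. If that revision is the upstream fix, record the first smarty3 version containing it instead of leaving it unfixed. If it is not, say so in a NOTE. The changed smarty line itself keeps its "(unimportant)" tag, which matches the existing "non-issue in practice" NOTE.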
@@ -21508,40 +21508,31 @@
NOT-FOR-US: Recaptcha plugin for WordPress
CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> ...)
- smarty3 3.0~rc1-1
- - smarty <unfixed>
- TODO: check
+ - smarty <removed>
CVE-2010-4726 (Unspecified vulnerability in the math plugin in Smarty before 3.0.0 ...)
- smarty3 3.0.8-1
- - smarty <unfixed>
- TODO: check
+ - smarty <removed>
CVE-2010-4725 (Smarty before 3.0.0 RC3 does not properly handle an on value of the ...)
- smarty3 3.0.8-1
- - smarty <unfixed>
- TODO: check
+ - smarty <removed>
CVE-2010-4724 (Multiple unspecified vulnerabilities in the parser implementation in ...)
- smarty3 3.0.8-1
- - smarty <unfixed>
- TODO: check
+ - smarty <removed>
CVE-2010-4723 (Smarty before 3.0.0, when security is enabled, does not prevent access ...)
- smarty3 3.0.8-1
- - smarty <unfixed>
- TODO: check
+ - smarty <removed>
CVE-2010-4722 (Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 ...)
- smarty3 3.0.8-1
- - smarty <unfixed>
- TODO: check
+ - smarty <removed>
CVE-2009-5054 (Smarty before 3.0.0 beta 4 does not consider the umask value when ...)
- smarty3 3.0~rc1-1
- - smarty <unfixed>
- TODO: check
+ - smarty <removed>
CVE-2009-5053 (Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote ...)
- smarty3 3.0~rc1-1
- - smarty <unfixed>
- TODO: check
+ - smarty <removed>
CVE-2009-5052 (Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 ...)
- smarty3 3.0~rc1-1
- - smarty <unfixed>
- TODO: check
+ - smarty <removed>
CVE-2011-0758 (The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager ...)
NOT-FOR-US: CA ETrust
CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, ...)
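Review bot: All nine entries from CVE-2010-4727 down to CVE-2009-5052 lose their "TODO: check" line, and nothing is added to record what the check concluded. Each description is worded as "Smarty before 3.0.0 ..." or similar, so the list no longer shows whether the old smarty package was confirmed affected or whether triage was dropped because the package is gone. A one-line NOTE per entry, or a fuller commit log than "mark smarty as removed", would keep that distinction for anyone reviewing these entries later.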
@@ -78571,7 +78562,7 @@
CVE-2007-2327 (PHP remote file inclusion vulnerability in _editor.php in HTMLeditbox ...)
NOT-FOR-US: HTMLeditbox
CVE-2007-2326 (Multiple PHP remote file inclusion vulnerabilities in HYIP Manager Pro ...)
- - smarty <unfixed> (unimportant; bug #488523)
+ - smarty <removed> (unimportant; bug #488523)
- moodle 1.8.2-2 (unimportant; bug #488525)
- gallery2 2.2.5-2 (unimportant; bug #488527)
NOTE: this is a non-issue
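Review bot: In the CVE-2007-2326 entry, the description names HYIP Manager Pro while the tracked packages are smarty, moodle and gallery2, and the only explanation is "NOTE: this is a non-issue". Since the smarty line is being touched anyway, extending that NOTE to say why these three packages are listed and why the issue does not apply would make the "(unimportant; bug #488523)" tag self-explanatory once the package is marked removed.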