[Secure-testing-commits] r19207 - data/CVE

Henri Salo fgeek-guest at alioth.debian.org
Thu May 10 22:54:51 UTC 2012


Author: fgeek-guest
Date: 2012-05-10 22:54:50 +0000 (Thu, 10 May 2012)
New Revision: 19207

Modified:
   data/CVE/list
Log:
Reverse last commit. There seems to be 2011 ACL issue in dokuwiki as well. I am surprised.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-05-10 22:41:54 UTC (rev 19206)
+++ data/CVE/list	2012-05-10 22:54:50 UTC (rev 19207)
@@ -17634,6 +17634,10 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-1225 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
 	NOT-FOR-US: Microsoft Windows
+CVE-2011-XXXX [dokuwiki ACL bypass]
+	- dokuwiki 0.0.20101107a-1 (low)
+	[squeeze] - dokuwiki <no-dsa> (Minor issue)
+	[lenny] - dokuwiki <no-dsa> (Minor issue)
 CVE-2011-1224 (IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not ...)
 	NOT-FOR-US: IBM WebSphere MQ
 CVE-2011-1223 (Buffer overflow in the Alternate Data Stream (aka ADS or named stream) ...)
@@ -91293,9 +91297,6 @@
 	NOT-FOR-US: Dmx Forum
 CVE-2006-2945 (Unspecified vulnerability in the user profile change functionality in ...)
 	- dokuwiki 0.0.20060309-4 (bug #373689; low)
-	NOTE: http://xforce.iss.net/xforce/xfdb/27081
-	NOTE: SA20478
-	NOTE: http://osvdb.org/show/osvdb/26221
 CVE-2006-2944 (Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier ...)
 	NOT-FOR-US: FORM2MAIL
 CVE-2006-2943 (Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows ...)




More information about the Secure-testing-commits mailing list