[Secure-testing-commits] r20092 - data/CVE

Wed Sep 5 00:44:33 UTC 2012

Author: geissert
Date: 2012-09-05 00:44:33 +0000 (Wed, 05 Sep 2012)
New Revision: 20092

Modified:
   data/CVE/list
Log:
bokken and bugzilla issues CVEified
new moinmoin issue


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-09-04 21:14:18 UTC (rev 20091)
+++ data/CVE/list	2012-09-05 00:44:33 UTC (rev 20092)
@@ -1,5 +1,8 @@
-CVE-2012-4747 (Bugzilla 2.x and 3.x through 3.6.11, 3.7.x and 4.0.x before 4.0.8, ...)
-	TODO: check
+CVE-2012-XXXX [moinmoin virtual groups and ACLs evaluation issue]
+	- moin <unfixed>
+	NOTE: maintainers are aware
+	NOTE: CVE requested
+	NOTE: http://hg.moinmo.in/moin/1.9/rev/7b9f39289e16
 CVE-2012-4746 (Cross-site request forgery (CSRF) vulnerability in accessaccount.cgi ...)
 	TODO: check
 CVE-2012-4745 (Cross-site scripting (XSS) vulnerability in admin/login.asp in Acuity ...)
@@ -26,8 +29,6 @@
 	TODO: check
 CVE-2011-5147 (Static code injection vulnerability in ajax_save_name.php in the Ajax ...)
 	TODO: check
-CVE-2011-5146 (Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users ...)
-	TODO: check
 CVE-2011-5145 (Multiple SQL injection vulnerabilities in Open Business Management ...)
 	TODO: check
 CVE-2011-5144 (Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote ...)
@@ -1878,7 +1879,7 @@
 	RESERVED
 CVE-2012-3982
 	RESERVED
-CVE-2012-XXXX [Directory Browsing issue]
+CVE-2012-4747 [Directory Browsing issue]
 	- bugzilla <removed> (low)
 	[squeeze] - bugzilla <no-dsa> (Minor issue)
 	- bugzilla4 <itp> (bug #669643)
@@ -12164,7 +12165,7 @@
 	RESERVED
 CVE-2011-4774
 	RESERVED
-CVE-2011-XXXX [bokken: insecure tempfile]
+CVE-2011-5146 [bokken: insecure tempfile]
 	- bokken 1.5-3 (bug #651931)
 CVE-2012-0120 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	{DSA-2429-1}


