[Secure-testing-commits] r20203 - data/CVE
Luciano Bello
luciano at alioth.debian.org
Thu Sep 20 18:41:46 UTC 2012
Author: luciano
Date: 2012-09-20 18:41:46 +0000 (Thu, 20 Sep 2012)
New Revision: 20203
Modified:
data/CVE/list
Log:
CVE-2012-4437 assigned: smarty
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-20 18:02:51 UTC (rev 20202)
+++ data/CVE/list 2012-09-20 18:41:46 UTC (rev 20203)
@@ -1,8 +1,5 @@
CVE-2012-XXXX [fwknop 2.0.3: Multiple security issues]
- fwknop <unfixed> (bug #688151)
-CVE-2012-XXXX [php-Smarty: XSS in Smarty exception messages]
- - smarty3 <unfixed> (bug #688153)
- - smarty <not-affected> (Vulnerable code not present)
CVE-2012-4969 (Use-after-free vulnerability in the CMshtmlEd::Exec function in ...)
NOT-FOR-US: Internet Explorer
CVE-2012-4968 (Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe ...)
@@ -1534,6 +1531,8 @@
RESERVED
CVE-2012-4437 [Smarty / php-Smarty: XSS in Smarty exception messages]
RESERVED
+ - smarty3 <unfixed> (bug #688153)
+ - smarty <not-affected> (Vulnerable code not present)
TODO: check
NOTE: http://www.openwall.com/lists/oss-security/2012/09/19/1
NOTE: http://secunia.com/advisories/50589/
More information about the Secure-testing-commits
mailing list