[Secure-testing-commits] r20231 - data/CVE

Yves-Alexis Perez corsac at alioth.debian.org
Tue Sep 25 20:56:56 UTC 2012 

Author: corsac
Date: 2012-09-25 20:56:55 +0000 (Tue, 25 Sep 2012)
New Revision: 20231

Modified:
   data/CVE/list
Log:
add info on wordpress CVEs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-09-25 20:40:23 UTC (rev 20230)
+++ data/CVE/list	2012-09-25 20:56:55 UTC (rev 20231)
@@ -211,13 +211,13 @@
 CVE-2011-5195 (Cross-site request forgery (CSRF) vulnerability in ...)
 	NOT-FOR-US: Public Knowledge Project Open Conference Systems
 CVE-2011-5194 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Wordpress Whois search plugin, not in Debian
 CVE-2011-5193 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Wordpress Whois search plugin, not in Debian
 CVE-2011-5192 (Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty ...)
-	TODO: check
+	NOT-FOR-US: Wordpress Pretty Link Lite plugin, not in Debian
 CVE-2011-5191 (Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty ...)
-	TODO: check
+	NOT-FOR-US: Wordpress Pretty Link Lite plugin, not in Debian
 CVE-2012-5007 (The Fill PDF module 7.x-1.x before 7.x-1.2 for Drupal allows remote ...)
 	NOT-FOR-US: Drupal addon Fill PDF
 CVE-2012-5006 (Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser ...)
@@ -307,11 +307,11 @@
 CVE-2011-5184 (Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node ...)
 	NOT-FOR-US: HP Network Node Manager
 CVE-2011-5182 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: Wordpress Lanoba Social plugin, not in Debian
 CVE-2011-5181 (Cross-site scripting (XSS) vulnerability in clickdesk.php in ClickDesk ...)
-	TODO: check
+	NOT-FOR-US: Wordpress ClickDesk Live Support - Live Chat plugin, not in Debian
 CVE-2011-5180 (Cross-site scripting (XSS) vulnerability in wp-1pluginjquery.php in ...)
-	TODO: check
+	NOT-FOR-US: Wordpress ZooEffect plugin, not in Debian
 CVE-2011-5179 (Cross-site scripting (XSS) vulnerability in skysa-official/skysa.php ...)
 	NOT-FOR-US: Skysa App Bar
 CVE-2011-5177 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
@@ -6715,7 +6715,7 @@
 CVE-2010-5107
 	RESERVED
 CVE-2010-5106 (The XML-RPC remote publishing interface in xmlrpc.php in WordPress ...)
-	TODO: check
+	- wordpress 3.0.3-1
 CVE-2010-5105 [blender /tmp/quit.blend temp file issue]
 	RESERVED
 	- blender <unfixed> (bug #584621)

More information about the Secure-testing-commits mailing list