[Secure-testing-commits] r23140 - in data: . CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue Jul 30 06:36:47 UTC 2013
Author: jmm
Date: 2013-07-30 06:36:47 +0000 (Tue, 30 Jul 2013)
New Revision: 23140
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
phpmyadmin CVE assignments
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-07-30 05:05:41 UTC (rev 23139)
+++ data/CVE/list 2013-07-30 06:36:47 UTC (rev 23140)
@@ -8,8 +8,27 @@
TODO: check
CVE-2013-4938 (The LTI (aka IMS-LTI) mod_form implementation in Moodle through ...)
TODO: check
-CVE-2013-XXXX [phpmyadmin PMASA-2013-9, PMASA-2013-11, PMASA-2013-12, PMASA-2013-13, PMASA-2013-14, PMASA-2013-15]
+CVE-2013-4995 [http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php]
+ - phpmyadmin 4:4.0.4.2-1 (low)
+CVE-2013-4996 [PMASA-2013-9, PMASA-2013-11]
- phpmyadmin 4:4.0.4.2-1
+CVE-2013-4997 [PMASA-2013-9]
+ - phpmyadmin 4:4.0.4.2-1
+CVE-2013-4998 [PMASA-2013-12]
+ - phpmyadmin 4:4.0.4.2-1 (unimportant)
+ NOTE: Full path disclosure irrelevant in Debian packages
+CVE-2013-4999 [PMASA-2013-12]
+ - phpmyadmin 4:4.0.4.2-1 (unimportant)
+ NOTE: Full path disclosure irrelevant in Debian packages
+CVE-2013-5000 [PMASA-2013-12]
+ - phpmyadmin 4:4.0.4.2-1 (unimportant)
+ NOTE: Full path disclosure irrelevant in Debian packages
+CVE-2013-5001 [PMASA-2013-13]
+ - phpmyadmin 4:4.0.4.2-1 (low)
+CVE-2013-5002 [PMASA-2013-14]
+ - phpmyadmin 4:4.0.4.2-1 (low)
+CVE-2013-5003 [PMASA-2013-15]
+ - phpmyadmin 4:4.0.4.2-1
CVE-2013-4937 (Multiple unspecified vulnerabilities in the AiCloud feature on the ...)
NOT-FOR-US: Asus firmware
CVE-2013-4936 [PROFINET Real-Time dissector crash]
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2013-07-30 05:05:41 UTC (rev 23139)
+++ data/dsa-needed.txt 2013-07-30 06:36:47 UTC (rev 23140)
@@ -60,6 +60,8 @@
otrs2 (carnil)
Maintainer wanted to look into preparing an update
--
+phpmyadmin
+--
pidgin/oldstable
The version in squeeze is likely too outdated anyway, so end-of-life might be the better option
--
More information about the Secure-testing-commits
mailing list