[Secure-testing-commits] r22309 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Sun May 19 21:08:06 UTC 2013
Author: carnil
Date: 2013-05-19 21:08:06 +0000 (Sun, 19 May 2013)
New Revision: 22309
Modified:
data/CVE/list
Log:
drupal6 removed from unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-05-19 11:27:56 UTC (rev 22308)
+++ data/CVE/list 2013-05-19 21:08:06 UTC (rev 22309)
@@ -8292,12 +8292,12 @@
NOTE: https://drupal.org/SA-CORE-2013-001
CVE-2013-0245 [Access bypass Book module printer friendly version - Drupal 6 and 7]
RESERVED
- - drupal6 <unfixed> (bug #698333)
+ - drupal6 <removed> (bug #698333)
- drupal7 7.14-1.3 (bug #698334)
NOTE: https://drupal.org/SA-CORE-2013-001
CVE-2013-0244 [Cross-site scripting (Various core and contributed modules - Drupal 6 and 7)]
RESERVED
- - drupal6 <unfixed> (bug #698333)
+ - drupal6 <removed> (bug #698333)
- drupal7 7.14-1.3 (bug #698334)
NOTE: https://drupal.org/SA-CORE-2013-001
CVE-2013-0242 (Buffer overflow in the extend_buffers function in the regular ...)
@@ -10667,14 +10667,14 @@
CVE-2012-5654 (The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal, when ...)
NOT-FOR-US: Nodewords: D6 Meta Tags module for Drupal
CVE-2012-5653 (The file upload feature in Drupal 6.x before 6.27 and 7.x before 7.18 ...)
- - drupal6 <unfixed> (bug #696343)
+ - drupal6 <removed> (bug #696343)
- drupal7 7.14-1.2 (bug #696342)
NOTE: http://drupal.org/SA-CORE-2012-004
CVE-2012-5652 (Drupal 6.x before 6.27 allows remote attackers to obtain sensitive ...)
- - drupal6 <unfixed> (bug #696343)
+ - drupal6 <removed> (bug #696343)
NOTE: http://drupal.org/SA-CORE-2012-004
CVE-2012-5651 (Drupal 6.x before 6.27 and 7.x before 7.18 displays information for ...)
- - drupal6 <unfixed> (bug #696343)
+ - drupal6 <removed> (bug #696343)
- drupal7 7.14-1.2 (bug #696342)
NOTE: http://drupal.org/SA-CORE-2012-004
CVE-2012-5650 [DOM based XSS via Futon UI]
@@ -59136,7 +59136,7 @@
- iceape 1.1.14-1
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
CVE-2009-XXXX [XSS in drupal printing module]
- - drupal6 <unfixed> (unimportant)
+ - drupal6 <removed> (unimportant)
NOTE: you need admin privs in orde to exploit this
NOTE: http://lampsecurity.org/drupal-print-module-vulnerabilities
CVE-2009-2761 (Unquoted Windows search path vulnerability in the scheduler ...)
@@ -59900,7 +59900,7 @@
- nilfs2-tools <not-affected> (We don't install this with setuid)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=505374
CVE-2009-XXXX [XSS in drupal 6 calendar field]
- - drupal6 <unfixed> (unimportant)
+ - drupal6 <removed> (unimportant)
NOTE: you need to be able to create new calendar items, e.g. admistrative
NOTE: access in order to exploit that
NOTE: http://lists.grok.org.uk/pipermail/full-disclosure/2009-July/069849.html
More information about the Secure-testing-commits
mailing list