[Secure-testing-commits] r26439 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Apr 5 12:59:52 UTC 2014
Author: carnil
Date: 2014-04-05 12:59:52 +0000 (Sat, 05 Apr 2014)
New Revision: 26439
Modified:
data/CVE/list
Log:
Add fixed versions for four cacti CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-04-05 12:57:38 UTC (rev 26438)
+++ data/CVE/list 2014-04-05 12:59:52 UTC (rev 26439)
@@ -82,13 +82,13 @@
REJECTED
CVE-2014-2709
RESERVED
- - cacti <unfixed> (bug #743565)
+ - cacti 0.8.8b+dfsg-4 (bug #743565)
NOTE: http://bugs.cacti.net/view.php?id=2405 (not yet public)
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7439
NOTE: CVE for all changes to lib/rrd.php to add cacti_escapeshellarg calls
CVE-2014-2708 [SQL injection]
RESERVED
- - cacti <unfixed> (bug #743565)
+ - cacti 0.8.8b+dfsg-4 (bug #743565)
NOTE: http://bugs.cacti.net/view.php?id=2405 (not yet public)
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7439
NOTE: CVE for all changes to graph_xport.php to ensure that data is numeric
@@ -965,14 +965,14 @@
NOTE: http://packetstormsecurity.com/files/125850/DTC-A-20140324-002.txt
CVE-2014-2328 [Unspecified Remote Command Execution Vulnerability]
RESERVED
- - cacti <unfixed> (bug #742768)
+ - cacti 0.8.8b+dfsg-4 (bug #742768)
NOTE: http://bugs.cacti.net/view.php?id=2433
CVE-2014-2327 [Cross Site Request Forgery Vulnerability]
RESERVED
- cacti <unfixed> (bug #742768)
NOTE: http://bugs.cacti.net/view.php?id=2432
CVE-2014-2326 (Cross-site scripting (XSS) vulnerability in Cacti 0.8.7g allows remote ...)
- - cacti <unfixed> (bug #742768)
+ - cacti 0.8.8b+dfsg-4 (bug #742768)
NOTE: http://bugs.cacti.net/view.php?id=2431
CVE-2014-2318 (SQL injection vulnerability in ATCOM Netvolution 3 allows remote ...)
NOT-FOR-US: ATCOM Netvolution
More information about the Secure-testing-commits
mailing list