[Secure-testing-commits] r31006 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Dec 29 00:38:05 UTC 2014
Author: jmm
Date: 2014-12-29 00:38:05 +0000 (Mon, 29 Dec 2014)
New Revision: 31006
Modified:
data/CVE/list
Log:
dokuwiki no-dsa
mark collabtice as undetermined
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-28 23:15:28 UTC (rev 31005)
+++ data/CVE/list 2014-12-29 00:38:05 UTC (rev 31006)
@@ -796,6 +796,8 @@
RESERVED
CVE-2014-9253 (The default file type whitelist configuration in conf/mime.conf in the ...)
- dokuwiki <unfixed> (bug #773429)
+ [wheezy] - dokuwiki <no-dsa> (Minor issue)
+ [squeeze] - dokuwiki <no-dsa> (Minor issue)
NOTE: https://github.com/splitbrain/dokuwiki/commit/778ddf6f2cd9ed38b9db2d73e823b8c21243a960
NOTE: Advisory: http://security.szurek.pl/dokuwiki-20140929a-xss.html
CVE-2014-9252 (Zenoss Core through 5 Beta 3 stores cleartext passwords in the session ...)
@@ -45957,8 +45959,8 @@
CVE-2010-5286 (Directory traversal vulnerability in Jstore (com_jstore) component for ...)
NOT-FOR-US: Joomla jstore
CVE-2010-5285 (Cross-site request forgery (CSRF) vulnerability in admin.php in ...)
- - collabtive <unfixed> (low; bug #695348)
- [wheezy] - collabtive <no-dsa> (Minor issue)
+ - collabtive <undetermined>
+ NOTE: See #695348
CVE-2010-5284 (Multiple cross-site scripting (XSS) vulnerabilities in Collabtive ...)
- collabtive 0.7.6-1 (bug #695348)
NOTE: Might be fixed earlier, but 0.7.6 was tested
More information about the Secure-testing-commits
mailing list