[Secure-testing-commits] r27608 - data/CVE
Paul Mathijs Gevers
elbrus at moszumanska.debian.org
Sat Jul 5 18:34:47 UTC 2014
Author: elbrus
Date: 2014-07-05 18:34:47 +0000 (Sat, 05 Jul 2014)
New Revision: 27608
Modified:
data/CVE/list
Log:
Update CVE list for cacti in squeeze-lts
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-07-05 07:52:20 UTC (rev 27607)
+++ data/CVE/list 2014-07-05 18:34:47 UTC (rev 27608)
@@ -1548,6 +1548,7 @@
RESERVED
{DSA-2970-1}
- cacti 0.8.8b+dfsg-6 (bug #752573)
+ [squeeze] - cacti 0.8.7g-1+squeeze4 (bug #752573)
CVE-2014-4001
RESERVED
CVE-2014-4000
@@ -4782,12 +4783,14 @@
CVE-2014-2709 (lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote ...)
{DSA-2970-1}
- cacti 0.8.8b+dfsg-4 (bug #743565)
+ [squeeze] - cacti 0.8.7g-1+squeeze4 (bug #743565)
NOTE: http://bugs.cacti.net/view.php?id=2405 (not yet public)
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7439
NOTE: CVE for all changes to lib/rrd.php to add cacti_escapeshellarg calls
CVE-2014-2708 (Multiple SQL injection vulnerabilities in graph_xport.php in Cacti ...)
{DSA-2970-1}
- cacti 0.8.8b+dfsg-4 (bug #743565)
+ [squeeze] - cacti 0.8.7g-1+squeeze4 (bug #743565)
NOTE: http://bugs.cacti.net/view.php?id=2405 (not yet public)
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7439
NOTE: CVE for all changes to graph_xport.php to ensure that data is numeric
@@ -5753,14 +5756,17 @@
CVE-2014-2328 (lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows ...)
{DSA-2970-1}
- cacti 0.8.8b+dfsg-4 (bug #742768)
+ [squeeze] - cacti 0.8.7g-1+squeeze4 (bug #742768)
NOTE: http://bugs.cacti.net/view.php?id=2433
CVE-2014-2327 (Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, ...)
{DSA-2970-1}
- cacti 0.8.8b+dfsg-6 (bug #742768)
+ [squeeze] - cacti 0.8.7g-1+squeeze4 (bug #742768)
NOTE: http://bugs.cacti.net/view.php?id=2432
CVE-2014-2326 (Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, ...)
{DSA-2970-1}
- cacti 0.8.8b+dfsg-4 (bug #742768)
+ [squeeze] - cacti 0.8.7g-1+squeeze4 (bug #742768)
NOTE: http://bugs.cacti.net/view.php?id=2431
CVE-2014-2318 (SQL injection vulnerability in ATCOM Netvolution 3 allows remote ...)
NOT-FOR-US: ATCOM Netvolution
More information about the Secure-testing-commits
mailing list