[Secure-testing-commits] r31408 - data/CVE
Thijs Kinkhorst
thijs at moszumanska.debian.org
Fri Jan 16 22:05:54 UTC 2015
Author: thijs
Date: 2015-01-16 22:05:54 +0000 (Fri, 16 Jan 2015)
New Revision: 31408
Modified:
data/CVE/list
Log:
triage some pma issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-16 21:59:41 UTC (rev 31407)
+++ data/CVE/list 2015-01-16 22:05:54 UTC (rev 31408)
@@ -3051,10 +3051,12 @@
NOT-FOR-US: OpenVAS Manager
CVE-2014-9219 (Cross-site scripting (XSS) vulnerability in the redirection feature in ...)
- phpmyadmin 4:4.2.12-2 (bug #774194)
+ [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
+ [squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/9b2479b7216dd91a6cc2f231c0fd6b85d457f6e2
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php
CVE-2014-9218 (libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x ...)
- - phpmyadmin 4:4.2.12-2 (bug #774194)
+ - phpmyadmin 4:4.2.12-2 (low; bug #774194)
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/1ac863c7573d12012374d5d41e5c7dc5505ea6e1 (master)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-17.php
CVE-2014-9172
@@ -4353,7 +4355,7 @@
- phpmyadmin 4:4.2.12-1 (low)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/42b64e12b5f596366f94ef72365fd69a019ba820 and
- NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/42b64e12b5f596366f94ef72365fd69a019ba820 need
+ NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/c7685e5acd3f8e722f4f374c6fa821590865b68d need
NOTE: to be backported to 3.4
CVE-2014-8957
RESERVED
@@ -5995,8 +5997,9 @@
NOT-FOR-US: TYPO3 extension fal_sftp
CVE-2014-8326 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
- phpmyadmin 4:4.2.10.1-1 (low)
- [wheezy] - phpmyadmin <no-dsa> (Minor issue)
- [squeeze] - phpmyadmin <no-dsa> (Minor issue)
+ [wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
+ [squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
+ NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php
CVE-2014-8325 (The Calendar Base (cal) extension before 1.5.9 and 1.6.x before 1.6.1 ...)
NOT-FOR-US: TYPO3 extension cal
CVE-2014-8316 (XML External Entity (XXE) vulnerability in polestar_xml.jsp in SAP ...)
@@ -13841,10 +13844,12 @@
- phpmyadmin 4:4.2.6-1 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
+ NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php
CVE-2014-4986 (Multiple cross-site scripting (XSS) vulnerabilities in js/functions.js ...)
- phpmyadmin 4:4.2.6-1 (low)
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
[squeeze] - phpmyadmin <no-dsa> (Minor issue)
+ NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php
CVE-2014-4985
RESERVED
CVE-2014-4984
More information about the Secure-testing-commits
mailing list