[Secure-testing-commits] r32869 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Mar 14 18:17:59 UTC 2015


Author: carnil
Date: 2015-03-14 18:17:58 +0000 (Sat, 14 Mar 2015)
New Revision: 32869

Modified:
   data/CVE/list
Log:
libphp-snoopy issues fixed in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-14 18:16:17 UTC (rev 32868)
+++ data/CVE/list	2015-03-14 18:17:58 UTC (rev 32869)
@@ -18003,7 +18003,7 @@
 	NOTE: https://github.com/cogdog/feed2js/pull/12#issuecomment-48283706
 CVE-2014-5008 [Incorrect fix for CVE-2008-4796, escapeshellarg required]
 	RESERVED
-	- libphp-snoopy <unfixed> (bug #778634)
+	- libphp-snoopy 2.0.0-1 (bug #778634)
 	NOTE: http://mstrokin.com/sec/feed2js-magpierss-0day-vulnerability-not-really-it-is-actually-cve-2005-3330-cve-2008-4796/
 	NOTE: This issue exists because of an incorrect fix for CVE-2008-4796 (i.e., use of escapeshellcmd where escapeshellarg was required).
 CVE-2014-5004 [Ruby Gem brbackup-0.1.1: exposes the database password to the command line]
@@ -56333,7 +56333,7 @@
 	NOT-FOR-US: Websense
 CVE-2008-7313 [Incomplete fix for CVE-2008-4796]
 	RESERVED
-	- libphp-snoopy <unfixed> (bug #778634)
+	- libphp-snoopy 2.0.0-1 (bug #778634)
 	NOTE: additional commit missing, so fix for CVE-2008-4796 was incomplete
 	NOTE: http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.27
 CVE-2008-7312 (The Filtering Service in Websense Enterprise 5.2 through 6.3 does not ...)




More information about the Secure-testing-commits mailing list