[Secure-testing-commits] r40946 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Thu Apr 14 23:39:21 UTC 2016
Author: anarcat
Date: 2016-04-14 23:39:21 +0000 (Thu, 14 Apr 2016)
New Revision: 40946
Modified:
data/CVE/list
Log:
update some PMA advisory statuses
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-14 23:17:07 UTC (rev 40945)
+++ data/CVE/list 2016-04-14 23:39:21 UTC (rev 40946)
@@ -3691,6 +3691,10 @@
[wheezy] - phpmyadmin <not-affected>
CVE-2016-2560 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
- phpmyadmin 4:4.5.5.1-1 (low)
+ NOTE: 7ddce5e39a4e12cd351732955394bc7055c280eb: file not present, vulnerability not found in wheezy
+ NOTE: 0667ea8ac7519d7e642eade2686dc393d5faeae3: vulnerability present in 3.4.3.1, but code mysteriously not found in wheezy
+ NOTE: fe3be9f4b9edd54dc39919e7dfeaaf4a67c1cf83: vulnerability introduced in 052fd61f (3.5.1)
+ NOTE: b8f1e0f325f8f32bd82af64111d8c2e9055a363c and 73c8245a3d1893a710447957e28dcfb18d9b47ad present in wheezy and later, patch in lists.debian.org/87lh4fpyap.fsf at angela.anarcat.ath.cx
CVE-2016-2559 (Cross-site scripting (XSS) vulnerability in the format function in ...)
- phpmyadmin 4:4.5.5.1-1 (low)
[wheezy] - phpmyadmin <not-affected>
@@ -5700,6 +5704,7 @@
CVE-2016-2041 (libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x ...)
{DLA-406-1}
- phpmyadmin 4:4.5.4-1
+ NOTE: squeeze patch backport trivial to wheezy
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-5/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/fe62b69a5b032de8e1d9d0a04456c1cecf46428c
CVE-2016-2040 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
@@ -5709,6 +5714,7 @@
CVE-2016-2039 (libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x ...)
{DLA-406-1}
- phpmyadmin 4:4.5.4-1
+ NOTE: squeeze patch backport trivial to wheezy
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-2/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6fe54dfa000dd6f43f237e859781fad7111ac1bd
CVE-2016-2038 (phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x ...)
More information about the Secure-testing-commits
mailing list