[Secure-testing-commits] r43435 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sun Jul 24 21:10:12 UTC 2016
Author: sectracker
Date: 2016-07-24 21:10:12 +0000 (Sun, 24 Jul 2016)
New Revision: 43435
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-24 20:34:44 UTC (rev 43434)
+++ data/CVE/list 2016-07-24 21:10:12 UTC (rev 43435)
@@ -1917,7 +1917,7 @@
CVE-2016-5740
RESERVED
CVE-2016-5739 (The Transformation implementation in phpMyAdmin 4.0.x before ...)
- {DLA-551-1}
+ {DSA-3627-1 DLA-551-1}
- phpmyadmin 4:4.6.3-1
CVE-2016-5738
RESERVED
@@ -1930,14 +1930,14 @@
[jessie] - phpmyadmin <no-dsa> (Vulnerable only with a php version earlier than the one in jessie)
[wheezy] - phpmyadmin <no-dsa> (Vulnerable only with a php version earlier than the one in wheezy)
CVE-2016-5733 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
- {DLA-551-1}
+ {DSA-3627-1 DLA-551-1}
- phpmyadmin 4:4.6.3-1
CVE-2016-5732 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
- phpmyadmin 4:4.6.3-1
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2016-5731 (Cross-site scripting (XSS) vulnerability in examples/openid.php in ...)
- {DLA-551-1}
+ {DSA-3627-1 DLA-551-1}
- phpmyadmin 4:4.6.3-1 (low)
CVE-2016-5730 (phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x ...)
- phpmyadmin 4:4.6.3-1 (unimportant)
@@ -2006,9 +2006,11 @@
CVE-2016-5707
RESERVED
CVE-2016-5706 (js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x ...)
+ {DSA-3627-1}
- phpmyadmin 4:4.6.3-1 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2016-5705 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+ {DSA-3627-1}
- phpmyadmin 4:4.6.3-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2016-5704 (Cross-site scripting (XSS) vulnerability in the table-structure page ...)
@@ -2024,6 +2026,7 @@
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
CVE-2016-5701 (setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, ...)
+ {DSA-3627-1}
- phpmyadmin 4:4.6.3-1
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
CVE-2016-5700
@@ -4055,6 +4058,7 @@
CVE-2016-5100
RESERVED
CVE-2016-5099 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before ...)
+ {DSA-3627-1}
- phpmyadmin 4:4.6.2-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
@@ -11383,10 +11387,11 @@
[wheezy] - phpmyadmin <not-affected>
NOTE: vulnerabilty is only in the test suite
CVE-2016-2561 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
+ {DSA-3627-1}
- phpmyadmin 4:4.5.5.1-1
[wheezy] - phpmyadmin <not-affected>
CVE-2016-2560 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
- {DLA-481-1}
+ {DSA-3627-1 DLA-481-1}
- phpmyadmin 4:4.5.5.1-1 (low)
NOTE: 7ddce5e39a4e12cd351732955394bc7055c280eb: file not present, vulnerability not found in wheezy
NOTE: 0667ea8ac7519d7e642eade2686dc393d5faeae3: vulnerability present in 3.4.3.1, but code mysteriously not found in wheezy
@@ -13603,18 +13608,18 @@
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-6/
NOTE: path disclosure not relevant on Debian
CVE-2016-2041 (libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x ...)
- {DLA-481-1 DLA-406-1}
+ {DSA-3627-1 DLA-481-1 DLA-406-1}
- phpmyadmin 4:4.5.4-1
NOTE: squeeze patch backport trivial to wheezy
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-5/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/fe62b69a5b032de8e1d9d0a04456c1cecf46428c
CVE-2016-2040 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
- {DLA-481-1}
+ {DSA-3627-1 DLA-481-1}
- phpmyadmin 4:4.5.4-1
[squeeze] - phpmyadmin <no-dsa> (minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-3/
CVE-2016-2039 (libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x ...)
- {DLA-481-1 DLA-406-1}
+ {DSA-3627-1 DLA-481-1 DLA-406-1}
- phpmyadmin 4:4.5.4-1
NOTE: squeeze patch was actually incorrect and probably not functional: libraries/phpseclib/Crypt/Random.php needs some engine (e.g. AES) to work
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-2/
@@ -14108,7 +14113,7 @@
CVE-2016-1928 (Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows ...)
NOT-FOR-US: SAP
CVE-2016-1927 (The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x ...)
- {DLA-481-1}
+ {DSA-3627-1 DLA-481-1}
- phpmyadmin 4:4.5.4-1
[squeeze] - phpmyadmin <no-dsa> (minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-4/
More information about the Secure-testing-commits
mailing list