[Secure-testing-commits] r42214 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Jun 1 10:20:49 UTC 2016
Author: jmm
Date: 2016-06-01 10:20:49 +0000 (Wed, 01 Jun 2016)
New Revision: 42214
Modified:
data/CVE/list
Log:
bacula fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-01 10:08:04 UTC (rev 42213)
+++ data/CVE/list 2016-06-01 10:20:49 UTC (rev 42214)
@@ -164389,10 +164389,11 @@
CVE-2007-5627 (PHP remote file inclusion vulnerability in content/fnc-readmail3.php ...)
NOT-FOR-US: Socketmail
CVE-2007-5626 (make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a ...)
- - bacula <unfixed> (unimportant; bug #446809)
+ - bacula 5.0.0-1 (unimportant; bug #446809)
NOTE: this script needs the default database password and name needs to be set which
NOTE: would be a bigger problem in a non-trusted environment. Apart from
NOTE: this is documented in the bacula documentation
+ NOTE: Since bacula 5.0.0 "make_catalog_backup.pl" is used by default, which is not affected
CVE-2007-5625 (Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site ...)
NOT-FOR-US: Site Search SearchSimon Lite
CVE-2007-5624 (Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 ...)
More information about the Secure-testing-commits
mailing list