[Secure-testing-commits] r40166 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Mar 5 07:05:36 UTC 2016
Author: carnil
Date: 2016-03-05 07:05:36 +0000 (Sat, 05 Mar 2016)
New Revision: 40166
Modified:
data/CVE/list
Log:
Update three CVEs for dotclear
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-05 06:54:32 UTC (rev 40165)
+++ data/CVE/list 2016-03-05 07:05:36 UTC (rev 40166)
@@ -16722,7 +16722,8 @@
CVE-2015-5652 (Untrusted search path vulnerability in python.exe in Python through ...)
NOT-FOR-US: Python on Windows
CVE-2015-5651 (Cross-site scripting (XSS) vulnerability in Dotclear before 2.8.1 ...)
- TODO: check
+ - dotclear <unfixed> (bug #815979)
+ NOTE: http://dotclear.org/blog/post/2015/09/23/Dotclear-2.8.1
CVE-2015-5650 (Directory traversal vulnerability in AjaXplorer 2.0 allows remote ...)
TODO: check
CVE-2015-5649 (Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles ...)
@@ -44934,7 +44935,7 @@
CVE-2014-5317 (Cross-site scripting (XSS) vulnerability in php365.com 365 Links 3.11 ...)
NOT-FOR-US: php365.com components
CVE-2014-5316 (Cross-site scripting (XSS) vulnerability in Dotclear before 2.6.4 ...)
- NOT-FOR-US: DotClear
+ - dotclear <undetermined>
CVE-2014-5315 (Cross-site scripting (XSS) vulnerability in the Help page in Adobe ...)
NOT-FOR-US: Adobe
CVE-2014-5314 (Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 ...)
@@ -55126,7 +55127,7 @@
CVE-2014-1614
RESERVED
CVE-2014-1613 (Dotclear before 2.6.2 allows remote attackers to execute arbitrary PHP ...)
- NOT-FOR-US: DotClear
+ - dotclear <undetermined>
CVE-2014-1612 (Cross-site scripting (XSS) vulnerability in login.esp in the Web ...)
NOT-FOR-US: Mediatrix
CVE-2014-1610 (MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5 and 1.19.x before ...)
More information about the Secure-testing-commits
mailing list