[Secure-testing-commits] r46532 - data/CVE

Thijs Kinkhorst thijs at moszumanska.debian.org
Fri Nov 25 10:10:45 UTC 2016 

Author: thijs
Date: 2016-11-25 10:10:44 +0000 (Fri, 25 Nov 2016)
New Revision: 46532

Modified:
   data/CVE/list
Log:
New bucket of pma issues, first triage


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-25 10:07:02 UTC (rev 46531)
+++ data/CVE/list	2016-11-25 10:10:44 UTC (rev 46532)
@@ -1,3 +1,45 @@
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-57]
+	- phpmyadmin <not-affected> (Already fixed in release)
+	[jessie] - phpmyadmin <not-affected> (Already fixed in release)
+	NOTE: may affect wheezy only.
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-58]
+	- phpmyadmin <unfixed> (unimportant)
+	NOTE: Debian packaging generates blowfish secret
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-59]
+	- phpmyadmin <unfixed> (unimportant)
+	NOTE: disabled by default, debugging setting required
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-60]
+	- phpmyadmin <unfixed>
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-61]
+	- phpmyadmin <unfixed> (low)
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-62]
+	- phpmyadmin <unfixed> (unimportant)
+	[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
+	[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-63]
+	- phpmyadmin <unfixed> (unimportant)
+	NOTE: path disclosure not relevant in Debian
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-64]
+	- phpmyadmin <unfixed> (unimportant)
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-65]
+	- phpmyadmin <unfixed> (unimportant)
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-66]
+	- phpmyadmin <unfixed> (low)
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-67]
+	- phpmyadmin <unfixed>
+	[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
+	[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-68]
+	- phpmyadmin <unfixed> (unimportant)
+	[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
+	[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-69]
+	- phpmyadmin <unfixed>
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-70]
+	- phpmyadmin <unfixed>
+CVE-2016-XXXX [phpMyAdmin PMASA-2016-71]
+	- phpmyadmin <unfixed> (unimportant)
+	NOTE: unlikely PHP configuration required, unclear impact
 CVE-2014-9911
 	- icu 55.1-3
 	NOTE: http://bugs.icu-project.org/trac/ticket/10891

More information about the Secure-testing-commits mailing list