[Secure-testing-commits] r53599 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jul 18 05:19:10 UTC 2017
Author: carnil
Date: 2017-07-18 05:19:09 +0000 (Tue, 18 Jul 2017)
New Revision: 53599
Modified:
data/CVE/list
Log:
Add CVE-2017-10000{13,14,15,16,17,18}/phpmyadmin
In r52282 we removed the temporary entry, arguming that if the
unimportant issues get a CVE, then we can add them back. That happened
now. Add with respective previous entry back and keep unimportant
status associated.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-18 05:11:10 UTC (rev 53598)
+++ data/CVE/list 2017-07-18 05:19:09 UTC (rev 53599)
@@ -793,17 +793,23 @@
CVE-2017-1000020 (SYN Flood or FIN Flood attack in ECos 1 and other versions embedded ...)
NOT-FOR-US: ECos
CVE-2017-1000018 (phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the ...)
- TODO: check
+ - phpmyadmin 4:4.6.6-1 (unimportant)
+ NOTE: https://www.phpmyadmin.net/security/PMASA-2017-7
CVE-2017-1000017 (phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user ...)
- TODO: check
+ - phpmyadmin 4:4.6.6-1 (unimportant)
+ NOTE: https://www.phpmyadmin.net/security/PMASA-2017-6
CVE-2017-1000016 (A weakness was discovered where an attacker can inject arbitrary ...)
- TODO: check
+ - phpmyadmin 4:4.6.6-1 (unimportant)
+ NOTE: https://www.phpmyadmin.net/security/PMASA-2017-5
CVE-2017-1000015 (phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack ...)
- TODO: check
+ - phpmyadmin 4:4.6.6-1 (unimportant)
+ NOTE: https://www.phpmyadmin.net/security/PMASA-2017-4
CVE-2017-1000014 (phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the ...)
- TODO: check
+ - phpmyadmin 4:4.6.6-1 (unimportant)
+ NOTE: https://www.phpmyadmin.net/security/PMASA-2017-3
CVE-2017-1000013 (phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect ...)
- TODO: check
+ - phpmyadmin 4:4.6.6-1 (unimportant)
+ NOTE: https://www.phpmyadmin.net/security/PMASA-2017-1
CVE-2017-1000012 (MySQL Dumper version 1.24 is vulnerable to stored XSS when displaying ...)
TODO: check
CVE-2017-1000011 (MyWebSQL version 3.6 is vulnerable to stored XSS in the database ...)
More information about the Secure-testing-commits
mailing list