The branch, master has been updated
via 1c7cf7ef15bd28bdd37cf02143d0c0d22a15b57c (commit)
via f01918a0fe7320471680f9f5c4ad032975a01b28 (commit)
from 5be088e904b8a768dd8fe4add3614c0f61190b4d (commit)
- Log -----------------------------------------------------------------
commit 1c7cf7ef15bd28bdd37cf02143d0c0d22a15b57c
Author: Michal Čihař <[email protected]>
Date: Wed Dec 8 14:36:48 2010 +0100
Add references to CWE ids in security issues.
CWE provides categorisation of security issues.
commit f01918a0fe7320471680f9f5c4ad032975a01b28
Author: Michal Čihař <[email protected]>
Date: Wed Dec 8 14:28:22 2010 +0100
List separately commits for 2.11 branch.
-----------------------------------------------------------------------
Summary of changes:
templates/security/PMASA-2003-1 | 2 ++
templates/security/PMASA-2004-1 | 2 ++
templates/security/PMASA-2004-2 | 2 ++
templates/security/PMASA-2004-3 | 1 +
templates/security/PMASA-2004-4 | 2 ++
templates/security/PMASA-2005-1 | 1 +
templates/security/PMASA-2005-2 | 2 ++
templates/security/PMASA-2005-3 | 2 ++
templates/security/PMASA-2005-4 | 1 +
templates/security/PMASA-2005-5 | 1 +
templates/security/PMASA-2005-6 | 2 ++
templates/security/PMASA-2005-7 | 2 ++
templates/security/PMASA-2005-8 | 1 +
templates/security/PMASA-2005-9 | 2 ++
templates/security/PMASA-2006-1 | 2 ++
templates/security/PMASA-2006-2 | 2 +-
templates/security/PMASA-2006-3 | 1 +
templates/security/PMASA-2006-4 | 2 ++
templates/security/PMASA-2006-5 | 1 +
templates/security/PMASA-2006-6 | 1 +
templates/security/PMASA-2006-7 | 2 ++
templates/security/PMASA-2006-8 | 2 ++
templates/security/PMASA-2006-9 | 2 ++
templates/security/PMASA-2007-1 | 2 ++
templates/security/PMASA-2007-2 | 2 ++
templates/security/PMASA-2007-3 | 1 +
templates/security/PMASA-2007-4 | 1 +
templates/security/PMASA-2007-5 | 1 +
templates/security/PMASA-2007-6 | 1 +
templates/security/PMASA-2007-7 | 2 ++
templates/security/PMASA-2007-8 | 2 ++
templates/security/PMASA-2008-1 | 1 +
templates/security/PMASA-2008-10 | 2 ++
templates/security/PMASA-2008-2 | 1 +
templates/security/PMASA-2008-3 | 1 +
templates/security/PMASA-2008-4 | 2 ++
templates/security/PMASA-2008-5 | 1 +
templates/security/PMASA-2008-6 | 1 +
templates/security/PMASA-2008-7 | 2 ++
templates/security/PMASA-2008-8 | 2 ++
templates/security/PMASA-2008-9 | 2 ++
templates/security/PMASA-2009-1 | 2 ++
templates/security/PMASA-2009-2 | 2 ++
templates/security/PMASA-2009-3 | 2 ++
templates/security/PMASA-2009-4 | 2 ++
templates/security/PMASA-2009-5 | 2 ++
templates/security/PMASA-2009-6 | 2 ++
templates/security/PMASA-2010-1 | 2 ++
templates/security/PMASA-2010-2 | 2 ++
templates/security/PMASA-2010-3 | 2 ++
templates/security/PMASA-2010-4 | 2 ++
templates/security/PMASA-2010-5 | 2 ++
templates/security/PMASA-2010-6 | 2 ++
templates/security/PMASA-2010-7 | 2 ++
templates/security/PMASA-2010-8 | 5 +++++
templates/security/_PMASA_ | 6 ++++++
templates/security/_page.tpl | 10 +++++++++-
57 files changed, 110 insertions(+), 2 deletions(-)
diff --git a/templates/security/PMASA-2003-1 b/templates/security/PMASA-2003-1
index 7f1f8da..ae9e8f1 100644
--- a/templates/security/PMASA-2003-1
+++ b/templates/security/PMASA-2003-1
@@ -66,5 +66,7 @@ version of phpMyAdmin, which is to be released soon.
http://www.securityfocus.com/archive/1/325641</a>
</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2004-1 b/templates/security/PMASA-2004-1
index af30af9..57336af 100644
--- a/templates/security/PMASA-2004-1
+++ b/templates/security/PMASA-2004-1
@@ -63,5 +63,7 @@ http://www.securityfocus.com/archive/1/367486</a>
<py:def function="announcement_cve">CVE-2004-2631</py:def>
+<py:def function="announcement_cwe">661 94</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2004-2 b/templates/security/PMASA-2004-2
index 6736d17..f342c33 100644
--- a/templates/security/PMASA-2004-2
+++ b/templates/security/PMASA-2004-2
@@ -64,5 +64,7 @@ released soon.
<py:def function="announcement_cve">CVE-2004-2630</py:def>
+<py:def function="announcement_cwe">661 94</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2004-3 b/templates/security/PMASA-2004-3
index 21c7ed0..fc7e27e 100644
--- a/templates/security/PMASA-2004-3
+++ b/templates/security/PMASA-2004-3
@@ -68,6 +68,7 @@ http://www.netvigilance.com/html/advisory0005.htm</a>
<py:def function="announcement_cve">CVE-2004-1055</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2004-4 b/templates/security/PMASA-2004-4
index cf50469..f2720f2 100644
--- a/templates/security/PMASA-2004-4
+++ b/templates/security/PMASA-2004-4
@@ -64,5 +64,7 @@ http://www.exaprobe.com/labs/advisories/esa-2004-1213.html</a>
<py:def function="announcement_cve">CVE-2004-1148</py:def>
+<py:def function="announcement_cwe">661 94</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-1 b/templates/security/PMASA-2005-1
index 473b7f7..a87c15d 100644
--- a/templates/security/PMASA-2005-1
+++ b/templates/security/PMASA-2005-1
@@ -63,6 +63,7 @@
href="http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&g
<py:def function="announcement_cve">CVE-2005-0567</py:def>
+<py:def function="announcement_cwe">661 79 94</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-2 b/templates/security/PMASA-2005-2
index 48d8d54..97caf47 100644
--- a/templates/security/PMASA-2005-2
+++ b/templates/security/PMASA-2005-2
@@ -52,5 +52,7 @@ How to apply the directive to a specific directory:<br />
<py:def function="announcement_cve">CVE-2005-0544</py:def>
+<py:def function="announcement_cwe">661 200</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-3 b/templates/security/PMASA-2005-3
index 43b514a..0da63be 100644
--- a/templates/security/PMASA-2005-3
+++ b/templates/security/PMASA-2005-3
@@ -42,5 +42,7 @@ http://www.arrelnet.com/advisories/adv20050403.html</a>
<py:def function="announcement_cve">CVE-2005-0992</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-4 b/templates/security/PMASA-2005-4
index 0627fc3..21a4e3c 100644
--- a/templates/security/PMASA-2005-4
+++ b/templates/security/PMASA-2005-4
@@ -36,6 +36,7 @@ Upgrade to phpMyAdmin 2.6.4-pl2 or newer.
<py:def function="announcement_cve">CVE-2005-3299</py:def>
+<py:def function="announcement_cwe">661 98</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-5 b/templates/security/PMASA-2005-5
index c1becee..ade5ae4 100644
--- a/templates/security/PMASA-2005-5
+++ b/templates/security/PMASA-2005-5
@@ -53,6 +53,7 @@ For (1): <a
href="http://www.hardened-php.net/advisory_162005.73.html";>http://ww
For (2): <a
href="http://www.trapkit.de/advisories/TKADV2005-10-001.txt";>http://www.trapkit.de/advisories/TKADV2005-10-001.txt</a>
</py:def>
+<py:def function="announcement_cwe">661 98 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-6 b/templates/security/PMASA-2005-6
index 1fd9abd..dc22fc7 100644
--- a/templates/security/PMASA-2005-6
+++ b/templates/security/PMASA-2005-6
@@ -36,5 +36,7 @@ Upgrade to phpMyAdmin 2.6.4-pl4.
<py:def function="announcement_cve">CVE-2005-3621</py:def>
+<py:def function="announcement_cwe">661 113</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-7 b/templates/security/PMASA-2005-7
index a707170..842f14d 100644
--- a/templates/security/PMASA-2005-7
+++ b/templates/security/PMASA-2005-7
@@ -36,5 +36,7 @@ Upgrade to phpMyAdmin 2.6.4-pl4.
<py:def function="announcement_cve">CVE-2005-3787</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-8 b/templates/security/PMASA-2005-8
index afc3f69..d35fc79 100644
--- a/templates/security/PMASA-2005-8
+++ b/templates/security/PMASA-2005-8
@@ -35,6 +35,7 @@ We did not make an extensive verification on this. Probably
all previous version
Upgrade to phpMyAdmin 2.7.0.
</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-9 b/templates/security/PMASA-2005-9
index 8df7c0d..5316938 100644
--- a/templates/security/PMASA-2005-9
+++ b/templates/security/PMASA-2005-9
@@ -43,5 +43,7 @@ Upgrade to phpMyAdmin 2.7.0-pl1 or newer.
<py:def function="announcement_cve">CVE-2005-4079</py:def>
+<py:def function="announcement_cwe">661 79 98 94</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-1 b/templates/security/PMASA-2006-1
index 24471b9..a259641 100644
--- a/templates/security/PMASA-2006-1
+++ b/templates/security/PMASA-2006-1
@@ -33,5 +33,7 @@ Upgrade to phpMyAdmin 2.8.0.3 for the fixes in the two
included themes. New vers
<py:def function="announcement_cve">CVE-2006-1678</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-2 b/templates/security/PMASA-2006-2
index 8b34105..d0413ee 100644
--- a/templates/security/PMASA-2006-2
+++ b/templates/security/PMASA-2006-2
@@ -42,7 +42,7 @@ We wish to thank Sven Vetsch/Disenchant for informing us in a
responsible manner
<py:def function="announcement_cve">CVE-2006-2031</py:def>
-
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-3 b/templates/security/PMASA-2006-3
index a447f95..c36f11d 100644
--- a/templates/security/PMASA-2006-3
+++ b/templates/security/PMASA-2006-3
@@ -38,6 +38,7 @@ Upgrade to phpMyAdmin 2.8.1.
<py:def function="announcement_cve">CVE-2006-1804</py:def>
+<py:def function="announcement_cwe">661 352</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-4 b/templates/security/PMASA-2006-4
index 083ab4f..f567ad1 100644
--- a/templates/security/PMASA-2006-4
+++ b/templates/security/PMASA-2006-4
@@ -41,5 +41,7 @@ We wish to thank [email protected] for informing us in a
responsible manner. T
<py:def function="announcement_cve">CVE-2006-3388</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-5 b/templates/security/PMASA-2006-5
index d23d6d6..3577236 100644
--- a/templates/security/PMASA-2006-5
+++ b/templates/security/PMASA-2006-5
@@ -36,6 +36,7 @@ Upgrade to phpMyAdmin 2.9.0.1 or newer.
<py:def function="announcement_cve">CVE-2006-5116</py:def>
+<py:def function="announcement_cwe">661 352</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-6 b/templates/security/PMASA-2006-6
index 57395dc..e4db109 100644
--- a/templates/security/PMASA-2006-6
+++ b/templates/security/PMASA-2006-6
@@ -35,6 +35,7 @@ Upgrade to phpMyAdmin 2.9.0.3 or newer.
<py:def function="announcement_cve">CVE-2006-5718</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-7 b/templates/security/PMASA-2006-7
index 70ec062..fec9550 100644
--- a/templates/security/PMASA-2006-7
+++ b/templates/security/PMASA-2006-7
@@ -35,5 +35,7 @@ Upgrade to phpMyAdmin 2.9.1.1 or newer.
<py:def function="announcement_cve">CVE-2006-6942</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-8 b/templates/security/PMASA-2006-8
index 0aafd1f..567144e 100644
--- a/templates/security/PMASA-2006-8
+++ b/templates/security/PMASA-2006-8
@@ -35,5 +35,7 @@ Upgrade to phpMyAdmin 2.9.1.1 or newer.
<py:def function="announcement_cve">CVE-2006-6374</py:def>
+<py:def function="announcement_cwe">661 200</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-9 b/templates/security/PMASA-2006-9
index c2d2414..8e4b6c0 100644
--- a/templates/security/PMASA-2006-9
+++ b/templates/security/PMASA-2006-9
@@ -37,5 +37,7 @@ Upgrade to phpMyAdmin 2.9.1.1 or newer.
<py:def function="announcement_cve">CVE-2006-6944</py:def>
+<py:def function="announcement_cwe">661 264</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-1 b/templates/security/PMASA-2007-1
index 71d47d9..215ebbc 100644
--- a/templates/security/PMASA-2007-1
+++ b/templates/security/PMASA-2007-1
@@ -41,5 +41,7 @@ Upgrade to phpMyAdmin 2.9.2 or newer.
<py:def function="announcement_cve">CVE-2006-6374</py:def>
+<py:def function="announcement_cwe">661 113</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-2 b/templates/security/PMASA-2007-2
index bd84e47..f57d07b 100644
--- a/templates/security/PMASA-2007-2
+++ b/templates/security/PMASA-2007-2
@@ -35,5 +35,7 @@ Upgrade to phpMyAdmin 2.9.2 or newer.
<py:def function="announcement_cve">CVE-2007-1395</py:def>
+<py:def function="announcement_cwe">661 79 200</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-3 b/templates/security/PMASA-2007-3
index ebd6e24..1f135fd 100644
--- a/templates/security/PMASA-2007-3
+++ b/templates/security/PMASA-2007-3
@@ -46,6 +46,7 @@ Patches are available in this tracker: <a
href="http://sourceforge.net/tracker/i
<py:def function="announcement_cve">CVE-2007-1325</py:def>
+<py:def function="announcement_cwe">661 674</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-4 b/templates/security/PMASA-2007-4
index bb0bf94..c13b808 100644
--- a/templates/security/PMASA-2007-4
+++ b/templates/security/PMASA-2007-4
@@ -40,6 +40,7 @@ Upgrade to phpMyAdmin 2.10.1 or newer.
<py:def function="announcement_cve">CVE-2007-2245</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-5 b/templates/security/PMASA-2007-5
index 899e7da..131f765 100644
--- a/templates/security/PMASA-2007-5
+++ b/templates/security/PMASA-2007-5
@@ -50,6 +50,7 @@ Patches are available in this tracker:
<a
href="https://sourceforge.net/tracker/index.php?func=detail&aid=1810629&group_id=23067&atid=377408";>https://sourceforge.net/tracker/index.php?func=detail&aid=1810629&group_id=23067&atid=377408</a>
</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-6 b/templates/security/PMASA-2007-6
index f7748d4..73f905c 100644
--- a/templates/security/PMASA-2007-6
+++ b/templates/security/PMASA-2007-6
@@ -55,6 +55,7 @@ Patches are referenced here:
<a
href="http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=10796";>http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=10796</a>
</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-7 b/templates/security/PMASA-2007-7
index 93d8db5..a19d024 100644
--- a/templates/security/PMASA-2007-7
+++ b/templates/security/PMASA-2007-7
@@ -52,5 +52,7 @@ The patch is attached to:
<py:def function="announcement_cve">CVE-2007-5977</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-8 b/templates/security/PMASA-2007-8
index 4b846af..3dffb1c 100644
--- a/templates/security/PMASA-2007-8
+++ b/templates/security/PMASA-2007-8
@@ -48,5 +48,7 @@
href="http://sourceforge.net/tracker/index.php?func=detail&aid=1835123&g
<py:def function="announcement_cve">CVE-2007-6100</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-1 b/templates/security/PMASA-2008-1
index 1e2f4af..0d875e3 100644
--- a/templates/security/PMASA-2008-1
+++ b/templates/security/PMASA-2008-1
@@ -60,6 +60,7 @@
href="http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/p
<py:def function="announcement_cve">CVE-2008-1149</py:def>
+<py:def function="announcement_cwe">661 89</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-10 b/templates/security/PMASA-2008-10
index 037b001..9d4573f 100644
--- a/templates/security/PMASA-2008-10
+++ b/templates/security/PMASA-2008-10
@@ -45,5 +45,7 @@ Advisory: <a
href="http://www.milw0rm.com/exploits/7382";>http://www.milw0rm.com/
<py:def function="announcement_cve">CVE-2008-5621 CVE-2008-5622</py:def>
+<py:def function="announcement_cwe">661 89</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-2 b/templates/security/PMASA-2008-2
index 9dd4b87..140167c 100644
--- a/templates/security/PMASA-2008-2
+++ b/templates/security/PMASA-2008-2
@@ -39,6 +39,7 @@ Upgrade to phpMyAdmin 2.11.5.1 or newer.
<py:def function="announcement_cve">CVE-2008-1567</py:def>
+<py:def function="announcement_cwe">661 522</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-3 b/templates/security/PMASA-2008-3
index 5d57ac2..f450eed 100644
--- a/templates/security/PMASA-2008-3
+++ b/templates/security/PMASA-2008-3
@@ -53,6 +53,7 @@ Upgrade to phpMyAdmin 2.11.5.2 or newer.
<a
href="http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11211";>Revision
11211</a><br />
</py:def>
+<py:def function="announcement_cwe">661 522</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-4 b/templates/security/PMASA-2008-4
index 30c3859..dd8c125 100644
--- a/templates/security/PMASA-2008-4
+++ b/templates/security/PMASA-2008-4
@@ -45,5 +45,7 @@ Upgrade to phpMyAdmin 2.11.7 or newer.
<py:def function="announcement_cve">CVE-2008-2960</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-5 b/templates/security/PMASA-2008-5
index fe99724..f86f79e 100644
--- a/templates/security/PMASA-2008-5
+++ b/templates/security/PMASA-2008-5
@@ -54,6 +54,7 @@ These advisories are available from the reporter:<br />
<py:def function="announcement_cve">CVE-2008-3197</py:def>
+<py:def function="announcement_cwe">661 352</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-6 b/templates/security/PMASA-2008-6
index ae1de76..b021288 100644
--- a/templates/security/PMASA-2008-6
+++ b/templates/security/PMASA-2008-6
@@ -43,6 +43,7 @@ These advisories are available from the reporter:<br />
<py:def function="announcement_cve">CVE-2008-3457</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-7 b/templates/security/PMASA-2008-7
index 6bf2f9d..71b26f1 100644
--- a/templates/security/PMASA-2008-7
+++ b/templates/security/PMASA-2008-7
@@ -43,5 +43,7 @@ Upgrade to phpMyAdmin 2.11.9.1 or newer.
<py:def function="announcement_cve">CVE-2008-4096</py:def>
+<py:def function="announcement_cwe">661 94</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-8 b/templates/security/PMASA-2008-8
index a5bda7a..f57cb1c 100644
--- a/templates/security/PMASA-2008-8
+++ b/templates/security/PMASA-2008-8
@@ -48,5 +48,7 @@ Upgrade to phpMyAdmin 2.11.9.2 or newer.
<py:def function="announcement_cve">CVE-2008-4326</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-9 b/templates/security/PMASA-2008-9
index 509fe2b..b3040c1 100644
--- a/templates/security/PMASA-2008-9
+++ b/templates/security/PMASA-2008-9
@@ -39,5 +39,7 @@ Upgrade to phpMyAdmin 2.11.9.3 or 3.0.1.1.
<py:def function="announcement_cve">CVE-2008-4775</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2009-1 b/templates/security/PMASA-2009-1
index d60b3ae..205ee0b 100644
--- a/templates/security/PMASA-2009-1
+++ b/templates/security/PMASA-2009-1
@@ -44,5 +44,7 @@ have discovered this issue and reported it to us.
<py:def function="announcement_cve">CVE-2009-1148 CVE-2009-1149</py:def>
+<py:def function="announcement_cwe">661 113</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2009-2 b/templates/security/PMASA-2009-2
index 32febaa..fcc61dc 100644
--- a/templates/security/PMASA-2009-2
+++ b/templates/security/PMASA-2009-2
@@ -45,5 +45,7 @@ have discovered this issue and reported it to us.
<py:def function="announcement_cve">CVE-2009-1150</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2009-3 b/templates/security/PMASA-2009-3
index 218cb14..63018e0 100644
--- a/templates/security/PMASA-2009-3
+++ b/templates/security/PMASA-2009-3
@@ -50,5 +50,7 @@ Thanks to Greg Ose (Neohapsis), who has discovered this issue
and reported it to
<py:def function="announcement_cve">CVE-2009-1151</py:def>
+<py:def function="announcement_cwe">661 116</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2009-4 b/templates/security/PMASA-2009-4
index 4d19f31..c519cd1 100644
--- a/templates/security/PMASA-2009-4
+++ b/templates/security/PMASA-2009-4
@@ -57,5 +57,7 @@ issue and reported it to us.
<py:def function="announcement_cve">CVE-2009-1285</py:def>
+<py:def function="announcement_cwe">661 116</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2009-5 b/templates/security/PMASA-2009-5
index e3e8389..758175e 100644
--- a/templates/security/PMASA-2009-5
+++ b/templates/security/PMASA-2009-5
@@ -45,5 +45,7 @@ We wish to thank Sven Vetsch/Disenchant for informing us in a
responsible manner
<py:def function="announcement_cve">CVE-2009-2284</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2009-6 b/templates/security/PMASA-2009-6
index b6efd2a..f88b89f 100644
--- a/templates/security/PMASA-2009-6
+++ b/templates/security/PMASA-2009-6
@@ -47,5 +47,7 @@ We wish to thank Quintin Russ for informing us in a
responsible manner.
<py:def function="announcement_cve">CVE-2009-3696 CVE-2009-3697</py:def>
+<py:def function="announcement_cwe">661 79 89</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2010-1 b/templates/security/PMASA-2010-1
index 26855fd..3901232 100644
--- a/templates/security/PMASA-2010-1
+++ b/templates/security/PMASA-2010-1
@@ -48,5 +48,7 @@ We wish to thank to Thijs Kinkhorst for pointing out this
issue.
<py:def function="announcement_cve">CVE-2008-7251</py:def>
+<py:def function="announcement_cwe">661 376</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2010-2 b/templates/security/PMASA-2010-2
index 4ebc05f..4bc472b 100644
--- a/templates/security/PMASA-2010-2
+++ b/templates/security/PMASA-2010-2
@@ -47,5 +47,7 @@ We wish to thank to Thijs Kinkhorst for pointing out this
issue.
<py:def function="announcement_cve">CVE-2008-7252</py:def>
+<py:def function="announcement_cwe">661 376</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2010-3 b/templates/security/PMASA-2010-3
index d973f99..8b816db 100644
--- a/templates/security/PMASA-2010-3
+++ b/templates/security/PMASA-2010-3
@@ -52,5 +52,7 @@ We wish to thank to Thomas Biege and Sebastian Krahmer for
pointing out this iss
<py:def function="announcement_cve">CVE-2009-4605</py:def>
+<py:def function="announcement_cwe">661 352</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2010-4 b/templates/security/PMASA-2010-4
index 0dd4a22..337bba1 100644
--- a/templates/security/PMASA-2010-4
+++ b/templates/security/PMASA-2010-4
@@ -56,5 +56,7 @@ bug</a> for more details.
<py:def function="announcement_cve">CVE-2010-3055</py:def>
+<py:def function="announcement_cwe">661 116</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2010-5 b/templates/security/PMASA-2010-5
index cb7b2bb..463012d 100644
--- a/templates/security/PMASA-2010-5
+++ b/templates/security/PMASA-2010-5
@@ -45,6 +45,8 @@ and discovered more issues which are fixed as well.
<py:def function="announcement_cve">CVE-2010-3056</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<py:def function="announcement_commits">
48e909660032ddcbc13172830761e363e7a64d72
be0f47a93141e2950ad400b8d22a2a98512825c2
diff --git a/templates/security/PMASA-2010-6 b/templates/security/PMASA-2010-6
index 6db9c7e..8309aa5 100644
--- a/templates/security/PMASA-2010-6
+++ b/templates/security/PMASA-2010-6
@@ -45,6 +45,8 @@ Myanmar</a> for reporting this issue.
<py:def function="announcement_cve">CVE-2010-2958</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<py:def function="announcement_commits">
133a77fac7d31a38703db2099a90c1b49de62e37
</py:def>
diff --git a/templates/security/PMASA-2010-7 b/templates/security/PMASA-2010-7
index 105dcf5..ee3bda0 100644
--- a/templates/security/PMASA-2010-7
+++ b/templates/security/PMASA-2010-7
@@ -38,6 +38,8 @@ Thanks to <a href="http://tenable.com/";>Tenable Network
Security</a> for reporti
<py:def function="announcement_cve">CVE-2010-3263</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<py:def function="announcement_commits">
73ce5705bd1e0b62060f75702d62f88247ce09dd
</py:def>
diff --git a/templates/security/PMASA-2010-8 b/templates/security/PMASA-2010-8
index 29bd1a1..3e8e52d 100644
--- a/templates/security/PMASA-2010-8
+++ b/templates/security/PMASA-2010-8
@@ -34,8 +34,13 @@ Thanks to Alexander Opitz for reporting this issue.
<py:def function="announcement_cve">CVE-2010-4329</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<py:def function="announcement_commits">
4341818d73d454451f024950a4ce0141608ac7f8
+</py:def>
+
+<py:def function="announcement_commits_2_11">
e1f4901ffc400b6d2df15eac0ba5015fe48a27c4
</py:def>
diff --git a/templates/security/_PMASA_ b/templates/security/_PMASA_
index 4995066..3924d36 100644
--- a/templates/security/_PMASA_
+++ b/templates/security/_PMASA_
@@ -53,6 +53,12 @@ Upgrade to phpMyAdmin ???? or newer or apply patch listed
below.
<!--! CVE ID of the report, this is automatically added to references -->
<py:def function="announcement_cve">CVE-201x-xxxx</py:def>
+<!--! CWE IDs of the problem, CWE provides categorisation of the problems,
+661 is "Weaknesses in Software Written in PHP"
+See http://nvd.nist.gov/cwe.cfm for more information
+-->
+<py:def function="announcement_cwe">661</py:def>
+
<!--! Links to SVN or tracker, do not forget to escape & to & -->
<py:def function="announcement_patches">
</py:def>
diff --git a/templates/security/_page.tpl b/templates/security/_page.tpl
index 8cb3ff3..3bb7cf4 100644
--- a/templates/security/_page.tpl
+++ b/templates/security/_page.tpl
@@ -41,7 +41,7 @@
<h3>Solution</h3>
<p>${announcement_solution()}</p>
- <py:if test="defined('announcement_references') or
defined('announcement_cve')">
+ <py:if test="defined('announcement_references') or
defined('announcement_cve') or defined('announcement_cwe')">
<h3>References</h3>
<p
py:if="defined('announcement_references')">${announcement_references()}</p>
<p py:if="defined('announcement_cve')">
@@ -52,6 +52,14 @@
<a
href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=${cve}";>${cve}</a>
</py:for>
</p>
+ <p py:if="defined('announcement_cwe')">
+ CWE ids:
+ <!--! This is a bit ugly expression and there must be better way to do
+ this, but I haven't found it. -->
+ <py:for each="cwe in announcement_cwe().next()[1].split(' ')">
+ <a href="http://cwe.mitre.org/data/definitions/${cwe}.html";>CWE-${cwe}</a>
+ </py:for>
+ </p>
</py:if>
<py:if test="defined('announcement_patches') or
defined('announcement_commits') or defined('announcement_commits_2_11')">
hooks/post-receive
--
phpMyAdmin website
------------------------------------------------------------------------------
What happens now with your Lotus Notes apps - do you make another costly
upgrade, or settle for being marooned without product support? Time to move
off Lotus Notes and onto the cloud with Force.com, apps are easier to build,
use, and manage than apps on traditional platforms. Sign up for the Lotus
Notes Migration Kit to learn more. http://p.sf.net/sfu/salesforce-d2d
_______________________________________________
Phpmyadmin-git mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-git
