Author: alec-guest
Date: 2006-06-15 20:24:22 +0000 (Thu, 15 Jun 2006)
New Revision: 4237
Modified:
data/CVE/list
Log:
* CVE-2006-2945 (dokuwiki): bug number
* CVE-2006-2831 (drupal): confirmation from sesse@ that his NMU fixed this one
(not in changelog)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-06-15 18:17:18 UTC (rev 4236)
+++ data/CVE/list 2006-06-15 20:24:22 UTC (rev 4237)
@@ -130,7 +130,7 @@
CVE-2006-2946 (Dmx Forum 2.1a stores _includes/bd.inc under the web root with
...)
NOT-FOR-US: Dmx Forum
CVE-2006-2945 (Unspecified vulnerability the user profile change functionality
in ...)
- - dokuwiki <unfixed> (bug filed; low)
+ - dokuwiki <unfixed> (bug #373689; low)
CVE-2006-2944 (Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and
earlier ...)
NOT-FOR-US: FORM2MAIL
CVE-2006-2943 (Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier
allows ...)
@@ -363,10 +363,10 @@
CVE-2006-2832 (Cross-site scripting (XSS) vulnerability in the upload module
...)
- drupal 4.5.8-1.1 (medium)
CVE-2006-2831 (Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running
under ...)
- - drupal <unfixed> (high)
- NOTE: This CVE references the same Drupal security advisory as
CVE-2006-2832;
- NOTE: I believe it is fixed in 4.5.8-1.1, but I don't grok PHP. Mailed
sesse@
- NOTE: for confirmation.
+ NOTE: Although not in the changelog, sesse@ (responsible for 4.5.8-1.1)
+ NOTE: says he pulled in the entire patch for DRUPAL-SA-2006-007, which
+ NOTE: fixes CVE-2006-2831.
+ - drupal 4.5.8-1.1 (medium)
CVE-2006-2830 (Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime
Agent ...)
NOT-FOR-US: TIBCO
CVE-2006-2829 (Buffer overflow in Hawk Monitoring Agent (HMA) for TIBCO Hawk
before ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
