Author: nion
Date: 2009-02-08 12:50:12 +0000 (Sun, 08 Feb 2009)
New Revision: 11164
Modified:
data/CVE/list
Log:
add bug for CVE-2009-0041
CVE-2008-6049 non-issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-02-07 21:14:17 UTC (rev 11163)
+++ data/CVE/list 2009-02-08 12:50:12 UTC (rev 11164)
@@ -65,7 +65,8 @@
CVE-2008-6050 (SQL injection vulnerability in the Tech Articles
(com_tech_article) ...)
NOT-FOR-US: Tech Articles
CVE-2008-6049 (SQL injection vulnerability in index.php in TinyMCE 2.0.1
allows ...)
- TODO: check
+ - tinymce <not-affected> (Vulnerable code not present)
+ NOTE: no idea what this is about tinymce doesn't ship any php code
CVE-2008-6048 (Multiple cross-site request forgery (CSRF) vulnerabilities in
TangoCMS ...)
NOT-FOR-US: TangoCMS
CVE-2008-6047 (Cross-site scripting (XSS) vulnerability in ADbNewsSender
before 1.5.2 ...)
@@ -1319,7 +1320,7 @@
CVE-2009-0042 (Multiple unspecified vulnerabilities in the Arclib library ...)
NOT-FOR-US: CA Anti-Virus
CVE-2009-0041 (IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before
...)
- - asterisk <unfixed> (low; bug filed)
+ - asterisk <unfixed> (low; bug #513413)
[etch] - asterisk <no-dsa> (Minor issue)
CVE-2008-5867 (Directory traversal vulnerability in Yerba SACphp 6.3 allows
remote ...)
NOT-FOR-US: Yerba
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
