thijs at alioth.debian.org
2008-Mar-24 16:39 UTC
[Secure-testing-commits] r8396 - in data: CVE DSA
Author: thijs
Date: 2008-03-24 16:39:54 +0000 (Mon, 24 Mar 2008)
New Revision: 8396
Modified:
data/CVE/list
data/DSA/list
Log:
DSA-1528-1 serendipity
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-03-24 14:48:41 UTC (rev 8395)
+++ data/CVE/list 2008-03-24 16:39:54 UTC (rev 8396)
@@ -1,5 +1,7 @@
CVE-2008-XXXX [Serendipity XSS in trackbacks]
- serendipity 1.3-1
+ [etch] - serendipity 1.0.4-1+etch1
+ NOTE: no CVE id available at time of DSA release
NOTE:
http://blog.s9y.org/archives/192-Serendipity-1.3-released-addresses-security.html
NOTE: CVE id requested
CVE-2008-XXXX [multiple security issues in kses as used in egroupware]
Modified: data/DSA/list
==================================================================---
data/DSA/list 2008-03-24 14:48:41 UTC (rev 8395)
+++ data/DSA/list 2008-03-24 16:39:54 UTC (rev 8396)
@@ -1,3 +1,6 @@
+[24 Mar 2008] DSA-1528-1 serendipity - cross site scripting
+ {CVE-2007-6205 CVE-2008-0124}
+ [etch] - serendipity 1.0.4-1+etch1
[24 Mar 2008] DSA-1527-1 debian-goodies - privilege escalation
{CVE-2007-3912}
[sarge] - debian-goodies 0.23+sarge1