white at alioth.debian.org
2008-Jul-28 15:29 UTC
[Secure-testing-commits] r9448 - data/CVE
Author: white Date: 2008-07-28 15:29:19 +0000 (Mon, 28 Jul 2008) New Revision: 9448 Modified: data/CVE/list Log: One mantis issue fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-07-28 15:21:45 UTC (rev 9447) +++ data/CVE/list 2008-07-28 15:29:19 UTC (rev 9448) @@ -9,7 +9,9 @@ CVE-2008-3334 (Cross-site scripting (XSS) vulnerability in MyBB 1.2.x before 1.2.14 ...) NOT-FOR-US: MyBB CVE-2008-3333 (Directory traversal vulnerability in core/lang_api.php in Mantis ...) - TODO: check + - mantis 1.1.2+dfsg-2 + NOTE: I''ve marked the above version as fixed, however I am not sure if it wasn''t fixed + NOTE: earlier. However, lenny is fixed and it is not in etch and sarge is not supported anymore. CVE-2008-3332 (Eval injection vulnerability in adm_config_set.php in Mantis before ...) TODO: check CVE-2008-3331 (Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php ...)