thr3ads.net - Secure testing commits - [Secure-testing-commits] r9593

If this information is useful, please help other people find it:
Share via:

nion at alioth.debian.org

2008-Aug-16 14:57 UTC

[Secure-testing-commits] r9593 - data/CVE

Author: nion
Date: 2008-08-16 14:57:24 +0000 (Sat, 16 Aug 2008)
New Revision: 9593

Modified:
   data/CVE/list
Log:
NFU
CVE-2008-3568 doesn''t affect plain fckeditor
CVE-2008-3535, CVE-2008-3496 fixed in linux-2.6 2.6.26-2


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-08-16 14:41:37 UTC (rev 9592)
+++ data/CVE/list	2008-08-16 14:57:24 UTC (rev 9593)
@@ -215,7 +215,8 @@
 CVE-2008-3569 (Multiple cross-site scripting (XSS) vulnerabilities in XAMPP
1.6.7, ...)
 	NOT-FOR-US: XAMPP
 CVE-2008-3568 (Absolute path traversal vulnerability in ...)
-	TODO: check
+	- fckeditor <not-affected> (Vulnerable code not present)
+	NOTE: unak specific change, see fckeditor/unak_changes.txt in source
 CVE-2008-3567 (Unspecified vulnerability in the NowPlaying functionality in
NullSoft ...)
 	NOT-FOR-US: NullSoft Winamp
 CVE-2008-3566 (Cross-site scripting (XSS) vulnerability in ZoneO-soft freeForum
1.7 ...)
@@ -241,7 +242,7 @@
 CVE-2008-3556 (Multiple SQL injection vulnerabilities in index.php in
Battle.net Clan ...)
 	NOT-FOR-US: Battle.net Clan Script
 CVE-2008-3555 (Directory traversal vulnerability in index.php in (1) WSN Forum
4.1.43 ...)
-	TODO: check
+	NOT-FOR-US: Wsn Knowledge Base
 CVE-2008-3554 (SQL injection vulnerability in index.php in Discuz! 6.0.1 allows
...)
 	NOT-FOR-US: Discuz!
 CVE-2008-3553 (Multiple unspecified vulnerabilities in Nokia Series 40 3rd
edition ...)
@@ -277,7 +278,7 @@
 CVE-2008-3536
 	RESERVED
 CVE-2008-3535 (Off-by-one error in the iov_iter_advance function in
mm/filemap.c in ...)
-	TODO: check
+	- linux-2.6 2.6.26-2
 CVE-2008-3534 (The shmem_delete_inode function in mm/shmem.c in the tmpfs ...)
 	TODO: check
 CVE-2008-3533 [yelp format string]
@@ -355,7 +356,7 @@
 CVE-2008-3497 (SQL injection vulnerability in pages.php in MyPHP CMS 0.3.1
allows ...)
 	NOT-FOR-US: MyPHP CMS
 CVE-2008-3496 (Buffer overflow in format descriptor parsing in the
uvc_parse_format ...)
-	TODO: check
+	- linux-2.6 2.6.26-2
 CVE-2008-3495 (SQL injection vulnerability in kategori.asp in Pcshey Portal
allows ...)
 	NOT-FOR-US: Pcshey Portal
 CVE-2008-3494 (8e6 R3000 Internet Filter 2.0.12.10 allows remote attackers to
bypass ...)

Secure testing commits - Aug 2008 - r9593 - data/CVE

[Secure-testing-commits] r9593 - data/CVE