white at alioth.debian.org
2008-Dec-24 15:02 UTC
[Secure-testing-commits] r10794 - data/CVE
Author: white Date: 2008-12-24 15:02:44 +0000 (Wed, 24 Dec 2008) New Revision: 10794 Modified: data/CVE/list Log: Lower second php-xajax issue, since it is a non-issue, neither upstream nor mitre know about it, probably a dupe of the XSS Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-24 14:13:08 UTC (rev 10793) +++ data/CVE/list 2008-12-24 15:02:44 UTC (rev 10794) @@ -24132,7 +24132,9 @@ CVE-2007-2741 (Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows ...) - lcms 1.15-1 (medium) CVE-2007-2740 (Unspecified vulnerability in xajax before 0.2.5 has unknown impact and ...) - - php-xajax 0.2.5-1 (bug #426103; low) + - php-xajax 0.2.5-1 (bug #426103; unimportant) + NOTE: This issue was created because of an upstream changelog entry, which however + NOTE: was meant for the XSS, which is the general issue. CVE-2007-2739 (Cross-site scripting (XSS) vulnerability in xajax before 0.2.5 allows ...) - php-xajax 0.2.5-1 (bug #426103; low) CVE-2007-2738 (SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 ...)