nion at alioth.debian.org
2009-Feb-08 12:50 UTC
[Secure-testing-commits] r11164 - data/CVE
Author: nion Date: 2009-02-08 12:50:12 +0000 (Sun, 08 Feb 2009) New Revision: 11164 Modified: data/CVE/list Log: add bug for CVE-2009-0041 CVE-2008-6049 non-issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-02-07 21:14:17 UTC (rev 11163) +++ data/CVE/list 2009-02-08 12:50:12 UTC (rev 11164) @@ -65,7 +65,8 @@ CVE-2008-6050 (SQL injection vulnerability in the Tech Articles (com_tech_article) ...) NOT-FOR-US: Tech Articles CVE-2008-6049 (SQL injection vulnerability in index.php in TinyMCE 2.0.1 allows ...) - TODO: check + - tinymce <not-affected> (Vulnerable code not present) + NOTE: no idea what this is about tinymce doesn''t ship any php code CVE-2008-6048 (Multiple cross-site request forgery (CSRF) vulnerabilities in TangoCMS ...) NOT-FOR-US: TangoCMS CVE-2008-6047 (Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 ...) @@ -1319,7 +1320,7 @@ CVE-2009-0042 (Multiple unspecified vulnerabilities in the Arclib library ...) NOT-FOR-US: CA Anti-Virus CVE-2009-0041 (IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before ...) - - asterisk <unfixed> (low; bug filed) + - asterisk <unfixed> (low; bug #513413) [etch] - asterisk <no-dsa> (Minor issue) CVE-2008-5867 (Directory traversal vulnerability in Yerba SACphp 6.3 allows remote ...) NOT-FOR-US: Yerba