atomo64-guest at alioth.debian.org
2009-Mar-25 04:45 UTC
[Secure-testing-commits] r11471 - data/CVE
Author: atomo64-guest
Date: 2009-03-25 04:45:24 +0000 (Wed, 25 Mar 2009)
New Revision: 11471
Modified:
data/CVE/list
Log:
phpBB3 issue CVEified, postgresql issue processed
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-03-24 21:14:16 UTC (rev 11470)
+++ data/CVE/list 2009-03-25 04:45:24 UTC (rev 11471)
@@ -23,9 +23,7 @@
CVE-2008-6508 (Directory traversal vulnerability in the AuthCheck filter in the
Admin ...)
TODO: check
CVE-2008-6507 (Unspecified vulnerability in phpBB before 3.0.4 allows attackers
to ...)
- TODO: check
-CVE-2008-6506 (Unspecified vulnerability in phpBB before 3.0.4 allows attackers
to ...)
- TODO: check
+ - phpbb3 3.0.2-4
CVE-2008-6505 (Multiple directory traversal vulnerabilities in Apache Struts
2.0.x ...)
TODO: check
CVE-2008-6504 (ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6
and ...)
@@ -317,7 +315,10 @@
CVE-2009-0923 (Unspecified vulnerability in Kerberos Incremental Propagation in
...)
NOT-FOR-US: Solaris
CVE-2009-0922 (PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25
allows ...)
- TODO: check
+ - postgresql-8.3 8.3.7-1 (bug #517405)
+ [etch] - postgresql-8.1 <unfixed>
+ [etch] - postgresql-7.4 <unfixed>
+ TODO: check if DSAs are required
CVE-2008-6481 (SQL injection vulnerability in the Versioning component ...)
NOT-FOR-US: Versioning component (com_versioning) in Joomla! and Mambo
CVE-2009-0921
@@ -4397,7 +4398,7 @@
CVE-2008-5557 (Heap-based buffer overflow in ...)
{DTSA-188-1}
- php5 5.2.6.dfsg.1-1 (bug #511493)
-CVE-2008-XXXX [phpBB3 Account Re-activation Security Bypass]
+CVE-2008-6506 [phpBB3 Account Re-activation Security Bypass]
- phpbb3 3.0.2-4 (low; bug #508872)
CVE-2008-5556 (** DISPUTED ** ...)
NOT-FOR-US: Microsoft Internet Explorer