Author: thijs Date: 2011-07-07 08:21:42 +0000 (Thu, 07 Jul 2011) New Revision: 16910 Modified: data/CVE/list Log: new pma issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-07-07 06:36:24 UTC (rev 16909) +++ data/CVE/list 2011-07-07 08:21:42 UTC (rev 16910) @@ -321,14 +321,22 @@ [lenny] - dokuwiki <no-dsa> (Minor issue) CVE-2011-2509 RESERVED -CVE-2011-2508 +CVE-2011-2508 [PMASA-2011-8 filtering of a file path, which allowed for directory traversal] RESERVED -CVE-2011-2507 + - phpmyadmin 4:3.4.3.1-1 +CVE-2011-2507 [PMASA-2011-7 regexp quoting issue in Synchronize code] RESERVED -CVE-2011-2506 + - phpmyadmin 4:3.4.3.1-1 (unimportant) + [lenny] - phpmyadmin <not-affected> (Vulnerable code not present) + NOTE: neutralized by Suhosin patch +CVE-2011-2506 [PMASA-2011-6 possible code injection in case session variables are compromised] RESERVED -CVE-2011-2505 + - phpmyadmin 4:3.4.3.1-1 (low) + [lenny] - phpmyadmin <not-affected> (Vulnerable code not present) +CVE-2011-2505 [PMASA-2011-5 possible session manipulation in swekey authentication] RESERVED + - phpmyadmin 4:3.4.3.1-1 + [lenny] - phpmyadmin <not-affected> (Vulnerable code not present) CVE-2011-2504 RESERVED CVE-2011-2503