Author: stef-guest Date: 2007-02-06 23:33:50 +0100 (Tue, 06 Feb 2007) New Revision: 5422 Modified: data/CVE/list Log: CVE-2007-055[56]: new PostgreSQL issues fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-02-06 11:12:14 UTC (rev 5421) +++ data/CVE/list 2007-02-06 22:33:50 UTC (rev 5422) @@ -449,9 +449,16 @@ CVE-2007-0557 (rMake before 1.0.4 drops root privileges in a way that retains the ...) NOT-FOR-US: rPath CVE-2007-0556 (The query planner in PostgreSQL before 8.0.11, 8.1 before 8.1.7, and ...) - TODO: check + - postgresql-8.2 8.2.2-1 + - postgresql-8.1 8.1.7-1 + - postgresql-7.4 <not-affected> (only PostgreSQL 8.x) + - postgresql <not-affected> (only PostgreSQL 8.x) CVE-2007-0555 (PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, ...) - TODO: check + - postgresql-8.2 8.2.2-1 + - postgresql-8.1 8.1.7-1 + - postgresql-7.4 1:7.4.16-1 + - postgresql <not-affected> (only transitional package) + [sarge] - postgresql <unfixed> CVE-2007-0554 (SQL injection vulnerability in print.asp in Guo Xu Guos Posting System ...) NOT-FOR-US: Guos Posting System CVE-2007-0553 (Multiple cross-site scripting (XSS) vulnerabilities in index.inc.php ...)