Author: stef-guest Date: 2006-08-09 16:33:08 +0000 (Wed, 09 Aug 2006) New Revision: 4536 Modified: data/CVE/list Log: all serendipity issues are fixed in 1.0 Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-08-09 16:23:25 UTC (rev 4535) +++ data/CVE/list 2006-08-09 16:33:08 UTC (rev 4536) @@ -3456,7 +3456,7 @@ CVE-2006-2496 (Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote ...) NOT-FOR-US: Novell CVE-2006-2495 (Cross-site request forgery (CSRF) vulnerability in the Entry Manager ...) - - serendipity <itp> (bug #312413) + - serendipity 1.0-1 CVE-2006-2494 (Stack-based buffer overflow in IntelliTamper 2.07 allows remote ...) NOT-FOR-US: IntelliTampe CVE-2006-2493 @@ -13150,7 +13150,7 @@ CVE-2004-2526 (Directory traversal vulnerability in ldacgi.exe in IBM Tivoli ...) NOT-FOR-US: Tivoli CVE-2004-2525 (Cross-site scripting (XSS) vulnerability in compat.php in Serendipity ...) - - serendipity <itp> (bug #312413) + - serendipity 1.0-1 CVE-2004-2524 (clogin.php in Benchmark Designs'' WHM AutoPilot 2.4.5 and earlier ...) NOT-FOR-US: WHM AutoPilot CVE-2004-2523 (Format string vulnerability in the msg command (cat_message function ...) @@ -13706,7 +13706,7 @@ CVE-2005-3130 (SQL injection vulnerability in lucidCMS 1.0.11 allows remote attackers ...) NOT-FOR-US: lucidCMS CVE-2005-3129 (Cross-site request forgery (CSRF) vulnerability in Serendipity 0.8.4 ...) - - serendipity <itp> (bug #312413) + - serendipity 1.0-1 CVE-2005-3128 (Cross-site scripting (XSS) vulnerability in add.php in Address Add ...) NOT-FOR-US: Address Add Plugin for Squirrelmail CVE-2005-3127 (Cross-site scripting (XSS) vulnerability in index.php in lucidCMS ...) 
@@ -13831,9 +13831,6 @@ CVE-2005-2966 (The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and ...) {DSA-847-1} - dia 0.94.0-15 (bug #330890; medium) -CVE-2005-XXXX [Serendipity account hijacking through CSRF] - - serendipity <itp> (bug #312413) - NOTE: Fixed in 0.8.5 CVE-2005-XXXX [Insecure temp files in linux-wlan-ng] - linux-wlan-ng 0.2.0+0.2.1pre21-1.1 (bug #290047; low) CVE-2002-XXXX [sanitizer bypassal through quoted file names] @@ -17289,9 +17286,9 @@ CVE-2004-2159 (Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 ...) - xmlstarlet 1.0.0-1 CVE-2004-2158 (SQL injection vulnerability in Serendipity 0.7-beta1 allows remote ...) - - serendipity <itp> (bug #312413) + - serendipity 1.0-1 CVE-2004-2157 (Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity ...) - - serendipity <itp> (bug #312413) + - serendipity 1.0-1 CVE-2004-2156 (Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have ...) NOT-FOR-US: Online Recruitment Agency CVE-2004-2155 (Online-bookmarks before 0.4.6 allows remote attackers to bypass its ...) @@ -18650,7 +18647,7 @@ - clamav 0.86.1-1 (low) CVE-2005-1921 (Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka ...) {DSA-789-1 DSA-746-1 DSA-747-1 DSA-745-1 DTSA-15-1} - - serendipity <itp> (bug #312413) + - serendipity 1.0-1 - drupal 4.5.4-1 (high; bug #316362) - phpgroupware 0.9.16.006-1 (high) - egroupware 1.0.0.007-3.dfsg-1 (bug #317263; high) 
@@ -20670,15 +20667,15 @@ CVE-2005-XXXX [Unspeficied security issue in ipsec-tool''s single DES support] - ipsec-tools 1:0.5.2-1 CVE-2005-1452 (Serendipity before 0.8 allows Chief users to "hide plugins installed ...) - - serendipity <itp> (bug #312413) + - serendipity 1.0-1 CVE-2005-1451 (The media manager in Serendipity before 0.8 allows remote attackers to ...) - - serendipity <itp> (bug #312413) + - serendipity 1.0-1 CVE-2005-1450 (Unknown vulnerability in "the function used to validate path-names for ...) - - serendipity <itp> (bug #312413) + - serendipity 1.0-1 CVE-2005-1449 (Unknown vulnerability in serendipity_config_local.inc.php for ...) - - serendipity <itp> (bug #312413) + - serendipity 1.0-1 CVE-2005-1448 (Cross-site scripting (XSS) vulnerability in the BBCode plugin for ...) - - serendipity <itp> (bug #312413) + - serendipity 1.0-1 CVE-2005-1447 (PHP remote code injection vulnerability in main.php in SitePanel 2.6.1 ...) NOT-FOR-US: SitePanel CVE-2005-1446 (SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to ...)
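Review bot: The removal of the `CVE-2005-XXXX [Serendipity account hijacking through CSRF]` entry in the `@@ -13831,9 +13831,6 @@` hunk is not covered by the log message, which only says the issues are fixed in 1.0. If the entry is dropped because it duplicates CVE-2005-3129 (the Serendipity 0.8.4 CSRF entry updated in the `@@ -13706,7 +13706,7 @@` hunk), say so in the log, and consider carrying `NOTE: Fixed in 0.8.5` over to that entry so the upstream fix version stays on record.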
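Review bot: In the `@@ -18650,7 +18647,7 @@` hunk, the new `- serendipity 1.0-1` line under CVE-2005-1921 has no urgency, while the drupal, phpgroupware and egroupware lines below it are all marked high. The CVE text describes PEAR XML_RPC 1.3.0 and earlier rather than Serendipity itself, so a NOTE line stating how 1.0 was confirmed to be unaffected, plus an urgency consistent with the sibling entries, would let a later reader verify the fixed version without redoing the check.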