Author: alec-guest
Date: 2006-08-26 18:19:44 +0000 (Sat, 26 Aug 2006)
New Revision: 4632
Modified:
data/CVE/list
Log:
CVE-2006-0806: moddle not-affected, but maintainer uploaded patch anyway
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-08-26 18:08:21 UTC (rev 4631)
+++ data/CVE/list 2006-08-26 18:19:44 UTC (rev 4632)
@@ -8212,7 +8212,10 @@
CVE-2006-0806 (Multiple cross-site scripting (XSS) vulnerabilities in ADOdb
4.71, as ...)
{DSA-1031-1 DSA-1030-1 DSA-1029-1}
- libphp-adodb 4.72-0.1 (bug #358872; medium)
- - moodle <not-affected> (bug #360396; medium; maintainer says that
Moodle doesn''t use it, see close message)
+ - moodle 1.6.1+20060825-1 (bug #360396; medium)
+ NOTE: according to maintainer, "Moodle neither uses nor plans to use
+ NOTE: ADODB_Pager, so it''s not affected by #360396, but include
patch for
+ NOTE: it anyway, just in case somebody decides to use it out of the blue
CVE-2006-0805 (The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed
...)
NOT-FOR-US: php-Nuke
CVE-2006-0804 (Off-by-one error in TIN 1.8.0 and earlier might allow attackers
to ...)