Author: fw Date: 2005-10-24 11:05:29 +0000 (Mon, 24 Oct 2005) New Revision: 2550 Modified: data/CVE/list Log: CVE-2005-3301 is unfixed in Debian (bug #328501 is CVE-2005-2869, a separate set of issues). Merge duplicate phpmyadmin entries. Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-10-24 09:54:59 UTC (rev 2549) +++ data/CVE/list 2005-10-24 11:05:29 UTC (rev 2550) @@ -1,9 +1,9 @@ CVE-2005-3301 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...) - TODO: check, which of these issues are covered by #328501 + - phpmyadmin <unfixed> (medium) CVE-2005-3300 (The register_globals emulation layer in grab_globals.php for ...) - phpmyadmin <unfixed> (bug #335306; high) CVE-2005-3299 (PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin ...) - - phpmyadmin 4:2.6.4-pl2-1 (bug #333433) + - phpmyadmin 4:2.6.4-pl2-1 (bug #333433; high) CVE-2005-3298 (Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote ...) NOT-FOR-US: OpenWBEM CVE-2005-3297 (Multiple integer overflows in OpenWBEM on SuSE Linux 9 allow remote ...) @@ -266,8 +266,6 @@ - curl 7.15.0-1 (bug #333734; medium) CVE-2005-3239 (The OLE2 unpacker in clamd in ClamAV 0.87-1 allows remote attackers to ...) - clamav <unfixed> (bug #333566) -CVE-2005-3299 (PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin ...) - - phpmyadmin 4:2.6.4-pl2-1 (bug #333433; high) CVE-2005-3181 (Linux kernel before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, ...) - linux-2.6 2.6.12-11 NOTE: Might as well be 2.6.13-2, depending on the next upload