Author: jmm-guest
Date: 2005-11-16 17:33:13 +0000 (Wed, 16 Nov 2005)
New Revision: 2761
Modified:
data/CVE/list
Log:
phpsysinfo fixed, older fix should be double-checked
Modified: data/CVE/list
==================================================================---
data/CVE/list 2005-11-16 13:55:28 UTC (rev 2760)
+++ data/CVE/list 2005-11-16 17:33:13 UTC (rev 2761)
@@ -334,13 +334,13 @@
CVE-2005-3348 [phpsysinfo http response splitting]
RESERVED
{DSA-897-1}
- - phpsysinfo <unfixed> (bug #339079)
+ - phpsysinfo 2.3-7 (bug #339079)
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2
CVE-2005-3347 [phpsysinfo file inclusion issue]
RESERVED
{DSA-897-1}
- - phpsysinfo <unfixed> (bug #339079)
+ - phpsysinfo 2.3-7 (bug #339079)
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2
CVE-2005-3346 [osh: Local root exploit due to incorrect env var handling]
@@ -9412,6 +9412,7 @@
NOT-FOR-US: Topic Calendar phpbb2 plugin
CVE-2005-0870 (Multiple cross-site scripting (XSS) vulnerabilities in
phpSysInfo 2.3, ...)
{DSA-897-1 DSA-724-1}
+ TODO: Double-check, according to 2.3-7 changelog only fixed in -7?
- phpsysinfo 2.3-3
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2