Author: alec-guest
Date: 2006-06-14 23:54:10 +0000 (Wed, 14 Jun 2006)
New Revision: 4215
Modified:
data/CVE/list
Log:
* CVE-2006-2831: appears fixed in drupal 4.5.8-1.1 but not mentioned
in changelog; mailed sesse@ for confirmation
* CVE-2006-2667: found fixed version of wordpress
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-06-14 23:25:48 UTC (rev 4214)
+++ data/CVE/list 2006-06-14 23:54:10 UTC (rev 4215)
@@ -364,6 +364,9 @@
- drupal 4.5.8-1.1 (medium)
CVE-2006-2831 (Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running
under ...)
TODO: check
+ NOTE: This CVE references the same Drupal security advisory as CVE-2006-2832;
+ NOTE: I believe it is fixed in 4.5.8-1.1, but I don''t grok PHP.
Mailed sesse@
+ NOTE: for confirmation.
CVE-2006-2830 (Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime
Agent ...)
NOT-FOR-US: TIBCO
CVE-2006-2829 (Buffer overflow in Hawk Monitoring Agent (HMA) for TIBCO Hawk
before ...)
@@ -788,7 +791,7 @@
CVE-2006-2668 (Multiple PHP remote file inclusion vulnerabilities in Docebo LMS
2.05 ...)
TODO: check
CVE-2006-2667 (Direct static code injection vulnerability in WordPress 2.0.2
and ...)
- TODO: check
+ - wordpress 2.0.3-1 (bug #369014; medium)
CVE-2006-2666 (PHP remote file inclusion vulnerability in ...)
TODO: check
CVE-2006-2665 (PHP remote file inclusion vulnerability in ...)