Author: fw Date: 2007-05-08 18:04:52 +0000 (Tue, 08 May 2007) New Revision: 5807 Modified: data/CVE/list Log: CVE-2007-1395: phpmyadmin fixed CVE-2007-1325: phpmyadmin <no-dsa> (PHP issue) Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-07 21:14:47 UTC (rev 5806) +++ data/CVE/list 2007-05-08 18:04:52 UTC (rev 5807) @@ -2460,7 +2460,7 @@ - php5 <unfixed> (unimportant) NOTE: Non-issue CVE-2007-1395 (Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 ...) - - phpmyadmin <unfixed> (medium) + - phpmyadmin 4:2.10.0.2-1 (medium) CVE-2007-1394 (Direct static code injection vulnerability in startsession.php in Flat ...) NOT-FOR-US: Flat Chat CVE-2007-1393 (PHP remote file inclusion vulnerability in mysave.php in Magic CMS ...) @@ -2620,6 +2620,8 @@ NOTE: http://blog.s9y.org/archives/164-Serendipity-1.1.2-released.html CVE-2007-1325 (The PMA_ArrayWalkRecursive function in libraries/common.lib.php in ...) - phpmyadmin 4:2.10.0.2-1 + [sarge] - phpmyadmin <no-dsa> (workaround for PHP issue) + [etch] - phpmyadmin <no-dsa> (workaround for PHP issue) CVE-2007-1324 (SnapGear 560, 585, 580, 640, 710, and 720 appliances before the ...) NOT-FOR-US: SnapGear CVE-2007-1323