jmm-guest at alioth.debian.org
2007-Aug-22 21:11 UTC
[Secure-testing-commits] r6376 - data/CVE
Author: jmm-guest Date: 2007-08-22 21:11:21 +0000 (Wed, 22 Aug 2007) New Revision: 6376 Modified: data/CVE/list Log: asterisk and drupal updates Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-08-22 19:23:45 UTC (rev 6375) +++ data/CVE/list 2007-08-22 21:11:21 UTC (rev 6376) @@ -777,9 +777,8 @@ NOT-FOR-US: WP-FeedStats plugin for WordPress CVE-2007-4103 (The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before ...) - asterisk 1:1.4.9~dfsg-1 + [etch] - asterisk <not-affected> (Only 1.2.20, 1.2.21, 1.2.21.1 and 1.2.22 affected) [sarge] - asterisk <not-affected> (1.0 not affected) - NOTE: Etch status needs to be checked, according to http://ftp.digium.com/pub/asa/ASA-2007-018.html - NOTE: 1.2.20, 1.2.21, 1.2.21.1, 1.2.22 are affected. 1.2.13 from Etch isn''t mentioned CVE-2007-4102 (Cross-site scripting (XSS) vulnerability in search.php for sBlog 0.7.3 ...) NOT-FOR-US: sBlog CVE-2007-4101 (Multiple PHP remote file inclusion vulnerabilities in Madoa Poll 1.1 ...) @@ -859,7 +858,7 @@ CVE-2007-4064 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x ...) - drupal 4.7.7-1 (low) - drupal5 5.2-1 (low) - NOTE: DRUPAL-SA-2007-018 + [sarge] - drupal <not-affected> (Only Drupal 5.x is affected) CVE-2007-4063 (Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal ...) - drupal5 5.2-1 (low) NOTE: DRUPAL-SA-2007-017 @@ -6586,6 +6585,7 @@ NOT-FOR-US: NFN Address Book CVE-2007-1595 (The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk ...) - asterisk 1:1.4.0~dfsg-1 (low) + [etch] - asterisk <not-affected> (Only affects 1.4.x) CVE-2007-1593 (The administrative service in Symantec Veritas Volume Replicator (VVR) ...) NOT-FOR-US: Symantec CVE-2007-1592 (net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 ...)