thr3ads.net - Secure testing commits - [Secure-testing-commits] r7041

If this information is useful, please help other people find it:
Share via:

jmm-guest at alioth.debian.org

2007-Oct-20 16:59 UTC

[Secure-testing-commits] r7041 - data/CVE

Author: jmm-guest
Date: 2007-10-20 16:59:32 +0000 (Sat, 20 Oct 2007)
New Revision: 7041

Modified:
   data/CVE/list
Log:
drupal non-issue


Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-10-20 14:08:20 UTC (rev 7040)
+++ data/CVE/list	2007-10-20 16:59:32 UTC (rev 7041)
@@ -514,8 +514,10 @@
 CVE-2007-5417 (Directory traversal vulnerability in index.php in boastMachine
(aka ...)
 	NOT-FOR-US: boastMachine
 CVE-2007-5416 (Drupal 5.2 and earlier does not properly unset variables when
the ...)
-	- drupal5 <unfixed> (medium; bug #446887)
-	- drupal <unfixed> (medium)
+	- drupal5 <unfixed> (unimportant; bug #446887)
+	- drupal <unfixed> (unimportant)
+	NOTE: The underlying PHP issue has been fixed in DSA 1206.
+	NOTE: Plus, register_globals is not supported in Debian
 CVE-2007-5415 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 2.0,
when ...)
 	TODO: check
 	NOTE: can not reproduce any of the PoC urls in unstable version, anyone knows
more?

Secure testing commits - Oct 2007 - r7041 - data/CVE

[Secure-testing-commits] r7041 - data/CVE