white at alioth.debian.org
2007-Oct-24 14:13 UTC
[Secure-testing-commits] r7087 - data/CVE
Author: white Date: 2007-10-24 14:13:24 +0000 (Wed, 24 Oct 2007) New Revision: 7087 Modified: data/CVE/list Log: Weblinks is not included in the drupal packages, thus drupal not affected Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-10-24 11:37:53 UTC (rev 7086) +++ data/CVE/list 2007-10-24 14:13:24 UTC (rev 7087) @@ -114,8 +114,9 @@ CVE-2007-5599 (Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow ...) NOT-FOR-US: awrate CVE-2007-5598 (Cross-site scripting (XSS) vulnerability in Weblinks for Drupal 4.7.x ...) - - drupal5 <unfixed> (low; bug #447748) - - drupal <unfixed> (low; bug #447746) + - drupal5 <not-affected> (bug #447748) + - drupal <not-affected> (bug #447746) + NOTE: drupal weblinks is not included in the drupal package in debian CVE-2007-5597 (The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 ...) - drupal5 5.3-1 - drupal 4.7.8-1