thijs at alioth.debian.org
2008-Jan-16 12:50 UTC
[Secure-testing-commits] r7940 - data/CVE
Author: thijs Date: 2008-01-16 12:50:31 +0000 (Wed, 16 Jan 2008) New Revision: 7940 Modified: data/CVE/list Log: do some more shifting on wordpress issues, associate them with the wordpress package, discard some irrelevant ones. Have checked none with lenny/sid, that needs to happen still. Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-01-16 12:43:25 UTC (rev 7939) +++ data/CVE/list 2008-01-16 12:50:31 UTC (rev 7940) @@ -194,22 +194,26 @@ CVE-2008-0197 (Multiple cross-site scripting (XSS) vulnerabilities in ...) NOT-FOR-US: WP-ContactForm plugin for WordPress CVE-2008-0196 (Multiple directory traversal vulnerabilities in WordPress 2.0.11 and ...) - TODO: check - NOTE: poked hendry + - wordpress <unfixed> + TODO: check if testing/unstable is affected CVE-2008-0195 (WordPress 2.0.11 and earlier allows remote attackers to obtain ...) - TODO: check + - wordpress <unfixed> (unimportant) + NOTE: full path and DB structure already known on Debian NOTE: poked hendry CVE-2008-0194 (Directory traversal vulnerability in wp-db-backup.php in WordPress ...) + - wordpress <unfixed> TODO: check NOTE: poked hendry CVE-2008-0193 (Cross-site scripting (XSS) vulnerability in wp-db-backup.php in ...) - TODO: check + - wordpress <unfixed> + TODO: check; exact affectedness needs to be verified NOTE: poked hendry CVE-2008-0192 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.0.9 ...) - TODO: check + - wordpress 2.0.10-1 NOTE: poked hendry CVE-2008-0191 (WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive ...) - TODO: check + - wordpress <unfixed> (unimportant) + NOTE: full path and DB structure already known on Debian NOTE: poked hendry CVE-2008-0190 (Multiple cross-site scripting (XSS) vulnerabilities in ...) NOT-FOR-US: AwesomeTemplateEngine