jmm-guest at alioth.debian.org
2008-Jan-21 18:49 UTC
[Secure-testing-commits] r8001 - data/CVE
Author: jmm-guest Date: 2008-01-21 18:49:09 +0000 (Mon, 21 Jan 2008) New Revision: 8001 Modified: data/CVE/list Log: gforge fix was incomplete, updated packages are in preparation. Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-01-21 18:26:50 UTC (rev 8000) +++ data/CVE/list 2008-01-21 18:49:09 UTC (rev 8001) @@ -17772,7 +17772,8 @@ - mediawiki 1.7.1-6 (bug #406238; medium) NOTE: vendor advisory: http://sourceforge.net/forum/forum.php?forum_id=652721 CVE-2007-0176 (Cross-site scripting (XSS) vulnerability in search/advanced_search.php ...) - - gforge 4.5.14-20 (low; bug #406244) + - gforge <unfixed> (low; bug #406244) + NOTE: 4.5.14-20 only fixed one of the two issues (advanced search) [sarge] - gforge <not-affected> (Vulnerable code not present) CVE-2007-0175 (Cross-site scripting (XSS) vulnerability in htsrv/login.php in ...) - b2evolution 0.9.2-4 (bug #410568; low)