thijs at alioth.debian.org
2008-Feb-21 23:45 UTC
[Secure-testing-commits] r8197 - data/CVE
Author: thijs Date: 2008-02-21 23:45:07 +0000 (Thu, 21 Feb 2008) New Revision: 8197 Modified: data/CVE/list Log: webcalendar bug, mailman fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-02-21 22:07:56 UTC (rev 8196) +++ data/CVE/list 2008-02-21 23:45:07 UTC (rev 8197) @@ -658,7 +658,7 @@ - openldap2.2 <removed> - openldap2 <not-affected> (slapd not built) CVE-2007-6696 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar ...) - - webcalendar <unfixed> + - webcalendar <unfixed> (bug #466935) CVE-2007-6695 (Cross-site scripting (XSS) vulnerability in index.php in Drake CMS ...) NOT-FOR-US: Drake CMS CVE-2008-0664 (The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, ...) @@ -674,7 +674,7 @@ CVE-2008-0554 (Buffer overflow in the readImageData function in giftopnm.c in netpbm ...) - netpbm-free 10.0-11.1 (medium; bug #464056) CVE-2008-0564 (Multiple cross-site scripting (XSS) vulnerabilities in Mailman before ...) - - mailman <unfixed> (low) + - mailman 1:2.1.10~b3-1 (low) [etch] - mailman <no-dsa> (Minor issue) [sarge] - mailman <no-dsa> (Minor issue) NOTE: Someone authenticated as list admin can insert malicious script