joeyh at alioth.debian.org
2008-Feb-22 09:14 UTC
[Secure-testing-commits] r8200 - data/CVE
Author: joeyh
Date: 2008-02-22 09:14:25 +0000 (Fri, 22 Feb 2008)
New Revision: 8200
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-02-22 05:47:01 UTC (rev 8199)
+++ data/CVE/list 2008-02-22 09:14:25 UTC (rev 8200)
@@ -1423,9 +1423,11 @@
NOTE: full path and DB structure already known on Debian
NOTE: poked hendry
CVE-2008-0194 (Directory traversal vulnerability in wp-db-backup.php in
WordPress ...)
+ {DSA-1502-1}
- wordpress 2.1.0-1
NOTE: Vulnerable code removed since 2.1 release
CVE-2008-0193 (Cross-site scripting (XSS) vulnerability in wp-db-backup.php in
...)
+ {DSA-1502-1}
- wordpress 2.1.0-1
NOTE: Vulnerable code removed since 2.1 release
CVE-2008-0192 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress
2.0.9 ...)
@@ -1496,6 +1498,7 @@
- linux-2.6 <unfixed> (high)
CVE-2008-0162
RESERVED
+ {DSA-1500-1}
CVE-2008-0302 (Untrusted search path vulnerability in apt-listchanges.py in
...)
{DSA-1465-2}
- apt-listchanges 2.82 (medium)
@@ -2514,6 +2517,7 @@
CVE-2007-6349 (P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on
...)
NOT-FOR-US: P4Web
CVE-2007-6418 (The libdspam7-drv-mysql cron job in Debian GNU/Linux includes
the ...)
+ {DSA-1501-1}
- dspam 3.6.8-5.1 (low; bug #448519)
CVE-2008-0025
RESERVED
@@ -11057,6 +11061,7 @@
CVE-2007-3239 (Cross-site scripting (XSS) vulnerability in searchform.php in
the ...)
NOT-FOR-US: AndyBlue theme for WordPress
CVE-2007-3238 (Cross-site scripting (XSS) vulnerability in functions.php in the
...)
+ {DSA-1502-1}
- wordpress 2.2.2-1 (low)
CVE-2007-3237 (PHP remote file inclusion vulnerability in ...)
NOT-FOR-US: XOOPS
@@ -12078,6 +12083,7 @@
CVE-2007-2822 (TutorialCMS 1.01 and earlier, when register_globals is enabled,
allows ...)
NOT-FOR-US: TutorialCMS
CVE-2007-2821 (SQL injection vulnerability in wp-admin/admin-ajax.php in
WordPress ...)
+ {DSA-1502-1}
- wordpress 2.2-1 (high)
NOTE: seems present in etch even though admin-ajax.php was not shipped yet
CVE-2007-2820 (Multiple stack-based buffer overflows in the KSign KSignSWAT
ActiveX ...)