joeyh at alioth.debian.org
2008-Apr-23 21:14 UTC
[Secure-testing-commits] r8603 - data/CVE
Author: joeyh Date: 2008-04-23 21:14:14 +0000 (Wed, 23 Apr 2008) New Revision: 8603 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-04-23 19:08:32 UTC (rev 8602) +++ data/CVE/list 2008-04-23 21:14:14 UTC (rev 8603) @@ -56,7 +56,6 @@ - ruby1.8 <unfixed> (unimportant) - ruby1.9 <unfixed> (unimportant) NOTE: corner-case only exploitable if web application is run on windows fs - CVE-2008-1890 (SQL injection vulnerability in the Jom Comment 2.0 build 345 component ...) NOT-FOR-US: Jom Comment for Joomla! CVE-2008-1889 (SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials ...) @@ -1161,14 +1160,14 @@ - clamav 0.92.1~dfsg2-1 [etch] - clamav <not-affected> (Vulnerable code not present) CVE-2008-1386 [serendipity xss] + RESERVED - serendipity 1.3.1-1 NOTE: http://blog.s9y.org/archives/193-Serendipity-1.3.1-released.html - RESERVED CVE-2008-1385 [serendipity xss] + RESERVED - serendipity 1.3.1-1 NOTE: http://blog.s9y.org/archives/193-Serendipity-1.3.1-released.html NOTE: One of these two issues seems very theoretical, other one needs further assessment - RESERVED CVE-2008-1384 (Integer overflow in PHP 5.2.5 and earlier allows context-dependent ...) - php5 <unfixed> (unimportant) NOTE: http://securityreason.com/achievement_securityalert/52