thomasbl-guest at alioth.debian.org
2008-Aug-02 18:09 UTC
[Secure-testing-commits] r9497 - data/CVE
Author: thomasbl-guest Date: 2008-08-02 18:09:54 +0000 (Sat, 02 Aug 2008) New Revision: 9497 Modified: data/CVE/list Log: fckeditor notes changed Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-08-02 16:56:17 UTC (rev 9496) +++ data/CVE/list 2008-08-02 18:09:54 UTC (rev 9497) @@ -214,10 +214,8 @@ NOT-FOR-US: CreaCMS CVE-2008-3312 (Directory traversal vulnerability in ...) - fckeditor <not-affected> (Vulnerable code not present) - NOTE: I think it''s an issue special for lemon CMS, because in the - NOTE: actually version of FCKeditor there isn''t the vuln code present - NOTE: mentioned in the CVE, but for sure: - TODO: check other packages which have the source from fckeditor included! + NOTE: I guess it is lemon CMS specific (although it uses fckeditor) and the + NOTE: fckeditor package is not-affected CVE-2008-3311 (PHP remote file inclusion vulnerability in config.php in Adam ...) NOT-FOR-US: Adam Scheinberg Flip CVE-2008-3310 (SQL injection vulnerability in default.asp in Pre Survey Poll allows ...)