atomo64-guest at alioth.debian.org
2008-Nov-06 21:58 UTC
[Secure-testing-commits] r10315 - in data: . CVE
Author: atomo64-guest Date: 2008-11-06 21:58:29 +0000 (Thu, 06 Nov 2008) New Revision: 10315 Modified: data/CVE/list data/embedded-code-copies Log: Know about typo''s itp and the copy of webcalendar in gforge-plugins-extra Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-06 21:52:36 UTC (rev 10314) +++ data/CVE/list 2008-11-06 21:58:29 UTC (rev 10315) @@ -169,11 +169,11 @@ CVE-2008-4906 (SQL injection vulnerability in lyrics_song.php in the Lyrics ...) NOT-FOR-US: Lyrics (lyrics_menu) plugin for e107 CVE-2008-4905 (Typo 5.1.3 and earlier uses a hard-coded salt for calculating password ...) - NOT-FOR-US: Typo (blog engine) + - typo <itp> (bug #379399) CVE-2008-4904 (SQL injection vulnerability in the "Manage pages" feature ...) - NOT-FOR-US: Typo (blog engine) + - typo <itp> (bug #379399) CVE-2008-4903 (Cross-site scripting (XSS) vulnerability in the leave comment ...) - NOT-FOR-US: Typo (blog engine) + - typo <itp> (bug #379399) CVE-2008-4902 (SQL injection vulnerability in contact_author.php in Article Publisher ...) NOT-FOR-US: Article Publisher CVE-2008-4901 (SQL injection vulnerability in admin/admin.php in Article Publisher ...) @@ -5150,6 +5150,7 @@ NOT-FOR-US: CMS-BRD CVE-2008-2836 (PHP remote file inclusion vulnerability in send_reminders.php in ...) - webcalendar 1.0.5-1 (low) + - gforge-plugins-extra <not-affected> (code in lenny internally sets its own path) CVE-2008-2835 (SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows ...) NOT-FOR-US: IGSuite CVE-2008-2834 (SQL injection vulnerability in projects.php in Scientific Image ...) Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2008-11-06 21:52:36 UTC (rev 10314) +++ data/embedded-code-copies 2008-11-06 21:58:29 UTC (rev 10315) @@ -670,3 +670,6 @@ geshi - dokuwiki <unfixed> (embed) - pgfouine <unfixed> (embed) + +webcalendar + - gforge-plugins-extra <unfixed> (embed; bug #504758)