white at alioth.debian.org
2008-Nov-08 06:58 UTC
[Secure-testing-commits] r10332 - data/CVE
Author: white Date: 2008-11-08 06:58:48 +0000 (Sat, 08 Nov 2008) New Revision: 10332 Modified: data/CVE/list Log: 2 NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-08 01:06:55 UTC (rev 10331) +++ data/CVE/list 2008-11-08 06:58:48 UTC (rev 10332) @@ -1,5 +1,5 @@ CVE-2008-4991 (SQL injection vulnerability in LOCKON CO.,LTD. EC-CUBE 2.3.0 and ...) - TODO: check + NOT-FOR-US: LOCKON CO.,LTD. EC-CUBE CVE-2008-XXXX [Nagios "cmd.cgi" Cross-Site Request Forgery] - nagios3 <unfixed> (bug #504894) TODO: check nagios2 @@ -41,7 +41,7 @@ - vlc <not-affected> (Vulnerable code not present in 0.8.x) TODO: recheck if 0.9 gets uploaded to unstable CVE-2008-4931 (Cross-site scripting (XSS) vulnerability in the account module in ...) - TODO: check + NOT-FOR-US: firmCHANNEL Digital Signage CVE-2008-4930 (MyBB (aka MyBulletinBoard) 1.4.2 does not properly handle an uploaded ...) NOT-FOR-US: MyBB CVE-2008-4929 (MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to ...)