thijs at alioth.debian.org
2008-Nov-17 10:17 UTC
[Secure-testing-commits] r10400 - data/CVE
Author: thijs Date: 2008-11-17 10:17:20 +0000 (Mon, 17 Nov 2008) New Revision: 10400 Modified: data/CVE/list Log: dia fixed by nmu; *groupware not affected by phpmailer issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-16 21:14:10 UTC (rev 10399) +++ data/CVE/list 2008-11-17 10:17:20 UTC (rev 10400) @@ -538,7 +538,7 @@ NOTE: given that the standard top will display the maliciously hidden processes NOTE: just fine. CVE-2008-XXXX [dia: Python scripts load modules from current directory] - - dia <unfixed> (low; bug #504251) + - dia 0.96.1-7.1 (low; bug #504251) [etch] - dia <no-dsa> (Minor issue, only vulnerable when called from certain dir) CVE-2008-XXXX [virtualbox-ose: insecure temp file usage] - virtualbox-ose 1.6.6-dfsg-3 (low; bug #504149) @@ -21327,9 +21327,8 @@ [etch] - wordpress <not-affected> (Vulnerable code not present) - mahara 1.0.5-2 (bug #504253) [lenny] - mahara 1.0.4-3 - [etch] - phpgroupware <unfixed> (bug #504255) - NOTE: the bug is in the phpgroupware-felamimail binary package - - egroupware <unfixed> (bug #504283) + [etch] - phpgroupware <not-affected> (bug #504255; Vulnerable code not used) + - egroupware <not-affected> (bug #504283; Vulnerable code not used) CVE-2007-3214 (SQL injection vulnerability in style.php in e-Vision CMS 2.02 and ...) NOT-FOR-US: e-Vision CMS CVE-2007-3213 (Multiple cross-site scripting (XSS) vulnerabilities in comments.cgi in ...)