atomo64-guest at alioth.debian.org
2008-Nov-29 00:30 UTC
[Secure-testing-commits] r10518 - in data: . CVE packages
Author: atomo64-guest Date: 2008-11-29 00:30:07 +0000 (Sat, 29 Nov 2008) New Revision: 10518 Modified: data/CVE/list data/embedded-code-copies data/packages/removed-packages Log: axyl is gone use libphp-cas to track the copies of domxml-php4-php5.php new minor php5 issue know about partially-published phpcas issues /usr/lib/subversion/hook-scripts/commit-email.pl: `/usr/bin/svnlook diff /svn/secure-testing -r 10518'' failed with this output: Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-29 00:21:43 UTC (rev 10517) +++ data/CVE/list 2008-11-29 00:30:07 UTC (rev 10518) @@ -1,3 +1,12 @@ +CVE-2008-XXXX [multiple vulnerabilities in phpcas] + - libphp-cas <itp> (bug #495542) + - moodle <unfixed> + - glpi <unfixed> + NOTE: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82 + NOTE: upstream has been notified + TODO: write proper advisory and request CVE id +CVE-2008-XXXX [php5: inifile handler for the dba functions can be used to truncate a file] + - php5 (low; bug #507101) CVE-2008-5278 [Cross-site scripting (XSS) vulnerability in the RSS Feed Generator] - wordpress <unfixed> (low; bug #507193) CVE-2008-XXXX [cups: integer overflow due to incomplete fix for CVE-2008-1722] Modified: data/embedded-code-copies ===================================================================