atomo64-guest at alioth.debian.org
2008-Dec-17 02:36 UTC
[Secure-testing-commits] r10712 - data/CVE
Author: atomo64-guest Date: 2008-12-17 02:36:22 +0000 (Wed, 17 Dec 2008) New Revision: 10712 Modified: data/CVE/list Log: NFUs, some issues CVEified Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-16 21:14:09 UTC (rev 10711) +++ data/CVE/list 2008-12-17 02:36:22 UTC (rev 10712) @@ -289,7 +289,7 @@ - axel <unfixed> (low) [etch] - axel <no-dsa> (Minor issue) NOTE: http://alioth.debian.org/forum/forum.php?forum_id=2846 -CVE-2008-XXXX [roundcube remote code execution via preg_replace in html2text.php] +CVE-2008-5619 [roundcube remote code execution via preg_replace in html2text.php] - roundcube 0.1.1-9 (high; bug #508628) NOTE: According to the bug report, this is being exploited. [sid] - moodle <unfixed> (bug #508909) @@ -548,7 +548,7 @@ TODO: check CVE-2008-5361 (The ActionScript 2 virtual machine in Adobe Flash Player 10.x before ...) TODO: check -CVE-2008-XXXX [phpMyAdmin PMASA-2008-10 SQL injection] +CVE-2008-5621 [phpMyAdmin PMASA-2008-10 SQL injection] - phpmyadmin 4:2.11.8.1-5 CVE-2008-XXXX [RSyslog "AllowedSender" Security Bypass Vulnerability] - rsyslog 3.18.6-1 (bug #508027) @@ -3426,6 +3426,7 @@ RESERVED CVE-2008-4122 RESERVED + NOT-FOR-US: Joomla CVE-2008-4121 (Multiple cross-site scripting (XSS) vulnerabilities in cpCommerce ...) NOT-FOR-US: cpCommerce CVE-2008-4120 (Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.804 ...) @@ -10761,6 +10762,7 @@ NOT-FOR-US: Sun Solaris CVE-2008-1094 RESERVED + NOT-FOR-US: Barracuda Spam Firewall CVE-2008-1093 (Acresso InstallShield Update Agent does not properly verify the ...) NOT-FOR-US: FLEXnet Connect CVE-2008-1092 (Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet ...) @@ -11035,6 +11037,7 @@ RESERVED CVE-2008-0971 RESERVED + NOT-FOR-US: Barracuda Networks products CVE-2008-0970 RESERVED CVE-2008-0969