thr3ads.net - Secure testing commits - [Secure-testing-commits] r10862

If this information is useful, please help other people find it:
Share via:
white at alioth.debian.org
2009-Jan-05 21:27 UTC
[Secure-testing-commits] r10862 - in data: CVE DSA DTSA

Author: white
Date: 2009-01-05 21:27:30 +0000 (Mon, 05 Jan 2009)
New Revision: 10862

Modified:
   data/CVE/list
   data/DSA/list
   data/DTSA/list
Log:
NFUs; add the old CVE id to DSA/DTSA reference as the default was changed as
well

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-01-05 21:14:22 UTC (rev 10861)
+++ data/CVE/list	2009-01-05 21:27:30 UTC (rev 10862)
@@ -17,47 +17,47 @@
 CVE-2008-5829
 	RESERVED
 CVE-2008-5828 (Microsoft Windows Live Messenger Client 8.5.1 and earlier, when
MSN ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2008-5827 (The Nokia 6131 Near Field Communication (NFC) phone with 05.12
...)
-	TODO: check
+	NOT-FOR-US: Nokia Firmware
 CVE-2008-5826 (The Nokia 6131 Near Field Communication (NFC) phone with 05.12
...)
-	TODO: check
+	NOT-FOR-US: Nokia Firmware
 CVE-2008-5825 (The SmartPoster implementation on the Nokia 6131 Near Field ...)
-	TODO: check
+	NOT-FOR-US: Nokia Firmware
 CVE-2008-5823 (An ActiveX control in prtstb06.dll in Microsoft Money 2006, when
used ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Money
 CVE-2008-5822 (Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and
other ...)
 	TODO: check
 CVE-2008-5821 (Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2
on ...)
 	TODO: check
 CVE-2008-5820 (SQL injection vulnerability in eDNews_view.php in eDreamers
eDNews 2 ...)
-	TODO: check
+	NOT-FOR-US: eDreamers eDNews
 CVE-2008-5819 (Directory traversal vulnerability in eDNews_archive.php in
eDreamers ...)
-	TODO: check
+	NOT-FOR-US: eDreamers eDNews
 CVE-2008-5818 (Directory traversal vulnerability in index.php in eDreamers ...)
-	TODO: check
+	NOT-FOR-US: eDreamers eDNews
 CVE-2008-5817 (Multiple SQL injection vulnerabilities in index.php in Web
Scribble ...)
-	TODO: check
+	NOT-FOR-US: Web Scribble Solutions webClassifieds
 CVE-2008-5816 (SQL injection vulnerability in repository.php in ILIAS 3.7.4 and
...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2008-5815 (SQL injection vulnerability in Acomment.php in phpAlumni allows
remote ...)
-	TODO: check
+	NOT-FOR-US: phpAlumni
 CVE-2008-5814 (Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7
and ...)
 	TODO: check
 CVE-2008-5813 (SQL injection vulnerability in inc/rubriques.php in SPIP 1.8
before ...)
-	TODO: check
+	NOT-FOR-US: SPIP
 CVE-2008-5812 (Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b,
1.9 ...)
-	TODO: check
+	NOT-FOR-US: SPIP
 CVE-2008-5811 (SQL injection vulnerability in the PaxGallery (com_paxgallery)
...)
-	TODO: check
+	NOT-FOR-US: joomla
 CVE-2008-5810 (WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions
7.0, ...)
-	TODO: check
+	NOT-FOR-US: Fujitsu-Siemens WebTransactions
 CVE-2008-5809 (futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier
and ...)
-	TODO: check
+	NOT-FOR-US: futomi CGI Cafe Access Analyzer CGI Standard
 CVE-2008-5808 (Cross-site scripting (XSS) vulnerability in Six Apart Movable
Type ...)
-	TODO: check
+	NOT-FOR-US: Six Apart Movable Type Enterprise
 CVE-2006-7236 (The default configuration of xterm on Debian GNU/Linux sid and
...)
-	TODO: check
+	- xterm 238-1 (medium; bug #510030)
 CVE-2008-5807 (Multiple cross-site scripting (XSS) vulnerabilities in TestLink
before ...)
 	NOT-FOR-US: TestLink
 CVE-2008-5806 (SQL injection vulnerability in login.php in DeltaScripts PHP
...)

Modified: data/DSA/list
==================================================================---
data/DSA/list	2009-01-05 21:14:22 UTC (rev 10861)
+++ data/DSA/list	2009-01-05 21:27:30 UTC (rev 10862)
@@ -3,7 +3,7 @@
 	[etch] - ruby1.9 1.9.0+20060609-1etch4
 	[etch] - ruby1.8 1.8.5-4etch4
 [02 Jan 2009] DSA-1694-1 xterm - remote code execution
-	{CVE-2008-2383}
+	{CVE-2008-2383 CVE-2006-7236}
 	[etch] - xterm 222-1etch3
 [27 Dec 2008] DSA-1693-1 phppgadmin - several vulnerabilities
 	{CVE-2007-2865 CVE-2007-5728 CVE-2008-5587}

Modified: data/DTSA/list
==================================================================---
data/DTSA/list	2009-01-05 21:14:22 UTC (rev 10861)
+++ data/DTSA/list	2009-01-05 21:27:30 UTC (rev 10862)
@@ -543,5 +543,5 @@
 	[lenny] - uw-imap 2007b~dfsg-4+lenny3
 	NOTE: regression fix for DTSA-174-1 + additional patch
 [January 05th, 2009] DTSA-182-1 xterm - remote code execution
-	{CVE-2008-2383}
+	{CVE-2008-2383 CVE-2006-7236}
 	[lenny] - xterm 235-2
Secure testing commits - Jan 2009 - r10862 - in data: CVE DSA DTSA

[Secure-testing-commits] r10862 - in data: CVE DSA DTSA
