jmm-guest at alioth.debian.org
2009-Jan-10 11:44 UTC
[Secure-testing-commits] r10918 - data/CVE
Author: jmm-guest Date: 2009-01-10 11:44:33 +0000 (Sat, 10 Jan 2009) New Revision: 10918 Modified: data/CVE/list Log: - new openslp issue doesn''t affect debian - NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-01-10 11:16:49 UTC (rev 10917) +++ data/CVE/list 2009-01-10 11:44:33 UTC (rev 10918) @@ -1,31 +1,33 @@ +CVE-2009-XXXX [openslp: insecure cert validation through openssl api misuse] + - openslp-dfsg <not-affected> (Debian''s openslp doesn''t build with SSL support) CVE-2009-0114 RESERVED CVE-2009-0113 (Directory traversal vulnerability in attachmentlibrary.php in the ...) - TODO: check + NOT-FOR-US: Joomla! component CVE-2009-0112 (Cross-site request forgery (CSRF) vulnerability in ...) - TODO: check + NOT-FOR-US: PollPro CVE-2009-0111 (SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and ...) - TODO: check + NOT-FOR-US: Goople CMS CVE-2009-0110 (SQL injection vulnerability in read.php in RiotPix 0.61 and earlier ...) - TODO: check + NOT-FOR-US: RiotPix CVE-2009-0109 (SQL injection vulnerability in index.php in RiotPix 0.61 and earlier ...) - TODO: check + NOT-FOR-US: RiotPix CVE-2009-0108 (PHPAuctions (aka PHPAuctionSystem) allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: PHPAuctions CVE-2009-0107 (Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions ...) - TODO: check + NOT-FOR-US: PHPAuctions CVE-2009-0106 (SQL injection vulnerability in profile.php in PHPAuctions (aka ...) - TODO: check + NOT-FOR-US: PHPAuctions CVE-2009-0105 (Cross-site scripting (XSS) vulnerability in index.php in EZpack 4.2b2 ...) - TODO: check + NOT-FOR-US: EZpack CVE-2009-0104 (SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote ...) - TODO: check + NOT-FOR-US: EZpack CVE-2009-0103 (Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 ...) - TODO: check + NOT-FOR-US: playSMS CVE-2008-5882 (SQL injection vulnerability in login.asp in Citrix Application Gateway ...) - TODO: check + NOT-FOR-US: Citrix CVE-2008-5881 (Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow ...) - TODO: check + NOT-FOR-US: playSMS CVE-2009-0102 RESERVED CVE-2009-0101