atomo64-guest at alioth.debian.org
2009-Jan-29 04:03 UTC
[Secure-testing-commits] r11090 - data/CVE
Author: atomo64-guest
Date: 2009-01-29 04:03:55 +0000 (Thu, 29 Jan 2009)
New Revision: 11090
Modified:
data/CVE/list
Log:
One known xss issue in horde3 fixed, two other untracked issues recorded
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-01-28 22:27:48 UTC (rev 11089)
+++ data/CVE/list 2009-01-29 04:03:55 UTC (rev 11090)
@@ -1,3 +1,5 @@
+CVE-2009-XXXX [file inclusion vuln in util/barcode.php and XSS in horde3]
+ - horde3 3.2.2+debian0-2 (bug #513265)
CVE-2009-0318 (Untrusted search path vulnerability in the GObject Python
interpreter ...)
- gnumeric <unfixed> (low; bug #513418)
CVE-2009-0317 (Untrusted search path vulnerability in the Python language
bindings ...)
@@ -458,7 +460,7 @@
CVE-2008-5920 (The create_anchors function in utils.inc in WebSVN 1.x allows
remote ...)
- websvn 1.61-21 (bug #503330)
CVE-2008-5917 (Cross-site scripting (XSS) vulnerability in the XSS filter ...)
- - horde3 <unfixed> (bug #512592)
+ - horde3 3.2.2+debian0-2 (bug #512592)
CVE-2008-5916 (gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6,
1.5.6.x ...)
{DSA-1708-1}
- git-core 1:1.5.6.5-2 (low)