Author: thijs Date: 2009-04-14 20:54:08 +0000 (Tue, 14 Apr 2009) New Revision: 11623 Modified: data/CVE/list Log: new phpmyadmin issue. unimportant because setup dir is passwd protected in debian, and script shouldn''t be writable anyway, so exploitation chance is very rare. etch&lenny not affected. Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-04-14 02:30:01 UTC (rev 11622) +++ data/CVE/list 2009-04-14 20:54:08 UTC (rev 11623) @@ -1,5 +1,8 @@ -CVE-2009-1285 +CVE-2009-1285 [phpMyAdmin PMASA-2009-4 insufficient escaping in setup script] RESERVED + - phpmyadmin 4:3.1.3.2-1 (unimportant) + [etch] - phpmyadmin <not-affected> (Vulnerable code not present) + [lenny] - phpmyadmin <not-affected> (Vulnerable code not present) CVE-2008-6714 (admin.php in xeCMS 1.0.0 RC2 and earlier allows remote attackers to ...) NOT-FOR-US: xeCMS CVE-2008-6713 (World in Conflict (WIC) 1.008 and earlier allows remote attackers to ...)