Author: thijs Date: 2010-01-13 15:38:08 +0000 (Wed, 13 Jan 2010) New Revision: 13798 Modified: data/CVE/list Log: newly assigned phpmyadmin issues. need to investigate whether impact on Debian is real Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-01-13 09:15:03 UTC (rev 13797) +++ data/CVE/list 2010-01-13 15:38:08 UTC (rev 13798) @@ -115,6 +115,11 @@ NOT-FOR-US: Kingston USB flash drives CVE-2010-0220 (The nsObserverList::FillObserverArray function in ...) TODO: check +CVE-2009-4605 [phpMyAdmin 2.11.10 unserialize fix] + - phpmyadmin <not-affected> (Vulnerable code removed) + [lenny] - phpmyadmin <unfixed> + [etch] - phpmyadmin <unfixed> + NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13149 CVE-2009-4594 (Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access ...) NOT-FOR-US: IBM Lotus iNotes CVE-2009-4593 (The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not ...) @@ -681,6 +686,12 @@ NOT-FOR-US: Auto-Surf Traffic Exchange Script CVE-2009-4459 (Redmine 0.8.7 and earlier uses the title tag before defining the ...) - redmine <unfixed> (bug #563940) +CVE-2008-7252 [phpMyAdmin tempfile issue] + - phpmyadmin 4:3.0.0-1 + NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528 +CVE-2008-7251 [phpMyAdmin tempfile issue] + - phpmyadmin 4:3.0.0-1 + NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536 CVE-2008-7250 (Cross-site scripting (XSS) vulnerability in Squid Analysis Report ...) - sarg 2.2.5-1 (low) CVE-2008-7249 (Buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1, and ...)
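Review bot: In the first hunk (CVE-2009-4605), the [lenny] and [etch] lines are recorded as a definite <unfixed>, while the commit log says the impact on Debian still needs to be investigated, and nothing in the entry records that open question. Consider adding a "TODO: check" line, as the CVE-2010-0220 entry in the context lines above does, until the lenny and etch packages have been compared against the upstream revision given in the NOTE.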
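Review bot: In the second hunk, CVE-2008-7252 and CVE-2008-7251 carry the identical description "[phpMyAdmin tempfile issue]" and can only be told apart by the revision number in their NOTE lines (11528 and 11536). A few words in each description naming the specific issue would make the two entries distinguishable in the list. Unlike the CVE-2009-4605 entry in this same commit, neither entry has [lenny] or [etch] lines or a TODO, although the log says the Debian impact is still to be investigated.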