Author: jmm Date: 2011-10-01 10:41:04 +0000 (Sat, 01 Oct 2011) New Revision: 17343 Modified: data/CVE/list Log: phpmyadmin CVEfied, thijs, can you doublecheck the status after the split? Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-10-01 10:33:59 UTC (rev 17342) +++ data/CVE/list 2011-10-01 10:41:04 UTC (rev 17343) @@ -598,10 +598,14 @@ RESERVED CVE-2011-3593 RESERVED -CVE-2011-3592 +CVE-2011-3592 [phpMyAdmin did not properly sanitize the content of db, table, and column names prior use of their values.] RESERVED -CVE-2011-3591 + - phpmyadmin 4:3.4.5-1 +CVE-2011-3591 [PMASA-2011-14 XSS] RESERVED + - phpmyadmin 4:3.4.5-1 + [squeeze] - phpmyadmin <not-affected> (Vulnerable code not present) + [lenny] - phpmyadmin <not-affected> (Vulnerable code not present) CVE-2011-3590 RESERVED CVE-2011-3589 @@ -969,10 +973,6 @@ TODO: check CVE-2009-5096 (Cross-site scripting (XSS) vulnerability in the Flag Content module ...) TODO: check -CVE-2011-XXXX [PMASA-2011-14 XSS] - - phpmyadmin 4:3.4.5-1 - [squeeze] - phpmyadmin <not-affected> (Vulnerable code not present) - [lenny] - phpmyadmin <not-affected> (Vulnerable code not present) CVE-2011-XXXX [Django several vulnerabilities] - python-django 1.3.1-1 (bug #641405) NOTE: https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/