Secure testing commits - May 2012 - r19203 - data/CVE

Author: fgeek-guest
Date: 2012-05-10 22:25:08 +0000 (Thu, 10 May 2012)
New Revision: 19203

Modified:
   data/CVE/list
Log:
Removed Cacti XSS vulnerability from TODO-list. Migrated with DSA-1569-1
(CVE-2008-0783, CVE-2008-0785).

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-05-10 21:59:29 UTC (rev 19202)
+++ data/CVE/list	2012-05-10 22:25:08 UTC (rev 19203)
@@ -43499,11 +43499,6 @@
 	NOT-FOR-US: MyKtools
 CVE-2008-6814 (Unrestricted file upload vulnerability in image_upload.php in
the ...)
 	NOT-FOR-US: SimpleBoard for Mambo
-CVE-2009-XXXX [cacti: xss vulnerability]
-	- cacti 0.8.7b-1 (low; bug #530919)
-	NOTE: cve id requested, but seems to be in limbo; see bug report for
discussion
-	[etch] - cacti 0.8.6i-3.3
-	NOTE: Fixed in DSA-1569-1
 CVE-2009-1798 (Multiple cross-site scripting (XSS) vulnerabilities on the
Network ...)
 	NOT-FOR-US: APC
 CVE-2009-1797 (Multiple cross-site request forgery (CSRF) vulnerabilities on
the ...)
@@ -62711,13 +62706,14 @@
 	NOTE: this is prevented by PHP since 4.4.2/5.1.2.
 CVE-2008-0785 (Multiple SQL injection vulnerabilities in Cacti 0.8.7 before
0.8.7b ...)
 	{DSA-1569-1}
-	- cacti 0.8.7b-1
+	- cacti 0.8.7b-1 (low; bug #530919)
 CVE-2008-0784 (graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k
allows ...)
 	- cacti 0.8.7b-1 (unimportant)
 	NOTE: paths on Debian already known
 CVE-2008-0783 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti
0.8.7 ...)
 	{DSA-1569-1}
-	- cacti 0.8.7b-1
+	- cacti 0.8.7b-1 (low; bug #530919)
+	[etch] - cacti 0.8.6i-3.3
 CVE-2008-0782 (Directory traversal vulnerability in MoinMoin 1.5.8 and earlier
allows ...)
 	{DSA-1514-1}
 	- moin 1.5.8-5.1