Author: carnil Date: 2013-10-29 07:07:34 +0000 (Tue, 29 Oct 2013) New Revision: 24199
Modified: data/CVE/list Log: dolibarr was accepted into the archive Change all <itp> tagged items to unfixed and add a TODO item Modified: data/CVE/list =================================================================== --- data/CVE/list 2013-10-28 21:40:19 UTC (rev 24198) +++ data/CVE/list 2013-10-29 07:07:34 UTC (rev 24199) @@ -10266,13 +10266,16 @@ [squeeze] - linux-2.6 <not-affected> (Vulnerable code not present) CVE-2013-2093 RESERVED - - dolibarr <itp> (bug #634783) + - dolibarr <unfixed> + TODO: check CVE-2013-2092 RESERVED - - dolibarr <itp> (bug #634783) + - dolibarr <unfixed> + TODO: check CVE-2013-2091 RESERVED - - dolibarr <itp> (bug #634783) + - dolibarr <unfixed> + TODO: check CVE-2013-2090 [Remote command Injection] RESERVED NOT-FOR-US: Creme Fraiche Ruby Gem @@ -29985,9 +29988,11 @@ CVE-2012-1227 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...) NOT-FOR-US: pluck CVE-2012-1226 (Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 ...) - - dolibarr <itp> (bug #634783) + - dolibarr <unfixed> + TODO: check CVE-2012-1225 (Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and ...) - - dolibarr <itp> (bug #634783) + - dolibarr <unfixed> + TODO: check CVE-2012-1224 (Cross-site scripting (XSS) vulnerability in system/classes/login.php ...) NOT-FOR-US: ContentLion Alpha CVE-2012-1223 (RabidHamster R2/Extreme 1.65 and earlier uses a small search space of ...) @@ -33629,7 +33634,8 @@ CVE-2012-0121 (Unspecified vulnerability in HP Data Protector Express (aka DPX) ...) NOT-FOR-US: HP Data Protector Express CVE-2011-4814 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 ...) - - dolibarr <itp> (bug #634783) + - dolibarr <unfixed> + TODO: check CVE-2011-4813 (Directory traversal vulnerability in clientarea.php in ...) NOT-FOR-US: WHMCompleteSolution CVE-2011-4812 (Cross-site scripting (XSS) vulnerability in nowosci.php in BestShopPro ...) @@ -33653,7 +33659,8 @@ CVE-2011-4803 (SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin ...) NOT-FOR-US: WPTouch WordPress plugin CVE-2011-4802 (Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and ...) - - dolibarr <itp> (bug #634783) + - dolibarr <unfixed> + TODO: check CVE-2011-4801 (SQL injection vulnerability in akeyActivationLogin.do in Authenex Web ...) NOT-FOR-US: Authenex Strong Authentication System CVE-2011-4800 (Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 ...) @@ -35194,7 +35201,8 @@ - linux-2.6 3.1.4-1 [squeeze] - linux-2.6 2.6.32-40 CVE-2011-4329 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 ...) - - dolibarr <itp> (bug #634783) + - dolibarr <unfixed> + TODO: check CVE-2011-4328 (plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions ...) {DSA-2435-1} - gnash 0.8.10-1 (low; bug #649384) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits