Author: fgeek-guest Date: 2015-01-31 13:52:15 +0000 (Sat, 31 Jan 2015) New Revision: 31869
Modified: data/CVE/list Log: CVEs assigned for roundcube and phpbb3 issues Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-01-31 13:00:36 UTC (rev 31868) +++ data/CVE/list 2015-01-31 13:52:15 UTC (rev 31869) @@ -1,5 +1,15 @@ -CVE-2015-XXXX [roundcube: XSS] +CVE-2015-1433 [roundcube: XSS] - roundcube <unfixed> (low; bug #776700) +CVE-2015-1432 [phpbb3: CSRF] + - phpbb3 <unfixed> (low; bug #776699) + [wheezy] - phpbb3 <no-dsa> (Minor issue) + [squeeze] - phpbb3 <no-dsa> (Minor issue) + NOTE: https://tracker.phpbb.com/browse/PHPBB3-13526 +CVE-2015-1431 [phpbb3: css injection] + - phpbb3 <unfixed> (low; bug #776699) + [wheezy] - phpbb3 <no-dsa> (Minor issue) + [squeeze] - phpbb3 <no-dsa> (Minor issue) + NOTE: https://tracker.phpbb.com/browse/PHPBB3-13531 CVE-2015-1425 RESERVED CVE-2015-1424 (Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and ...) @@ -183,13 +193,6 @@ CVE-2015-1401 RESERVED NOT-FOR-US: typo3 extension -CVE-2015-XXXX [phpbb3 csrf & css injection] - - phpbb3 <unfixed> (low; bug #776699) - [wheezy] - phpbb3 <no-dsa> (Minor issue) - [squeeze] - phpbb3 <no-dsa> (Minor issue) - NOTE: https://wiki.phpbb.com/Release_Highlights/3.0.13 - NOTE: https://github.com/phpbb/phpbb/pull/3311 - NOTE: https://github.com/phpbb/phpbb/pull/3316 CVE-2015-XXXX [can be crashed by some network traffic] - kgb-bot <unfixed> (bug #776424) CVE-2014-XXXX [Digest authentification never replay Ldap requests] _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits