Author: carnil Date: 2017-01-14 10:46:19 +0000 (Sat, 14 Jan 2017) New Revision: 48024
Modified: data/CVE/list Log: src:dotclear removed from stable Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-01-14 10:28:51 UTC (rev 48023) +++ data/CVE/list 2017-01-14 10:46:19 UTC (rev 48024) @@ -5204,7 +5204,6 @@ RESERVED CVE-2016-9891 (Cross-site scripting (XSS) vulnerability in admin/media.php and ...) - dotclear <removed> - [jessie] - dotclear <no-dsa> (Minor issue, will be removed from stable) CVE-2016-9890 RESERVED CVE-2016-9889 (Some forms with the parameter geo_zoomlevel_to_found_location in Tiki ...) @@ -13290,7 +13289,6 @@ RESERVED CVE-2016-9268 (Unrestricted file upload vulnerability in the Blog appearance in the ...) - dotclear <removed> - [jessie] - dotclear <no-dsa> (Minor issue) NOTE: http://dev.dotclear.org/2.0/changeset/445e9ff79a1fa81033591761d6a340e219d159b2 NOTE: http://dev.dotclear.org/2.0/ticket/2214 CVE-2016-9267 @@ -18031,11 +18029,9 @@ RESERVED CVE-2016-7903 (Dotclear before 2.10.3, when the Host header is not part of the web ...) - dotclear <removed> - [jessie] - dotclear <no-dsa> (Minor issue) NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/bb06343f4247 CVE-2016-7902 (Unrestricted file upload vulnerability in the fileUnzip->unzip method ...) - dotclear <removed> - [jessie] - dotclear <no-dsa> (Minor issue) NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/a9db771a5a70 CVE-2016-7901 REJECTED @@ -22175,7 +22171,6 @@ NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e CVE-2016-6523 (Multiple cross-site scripting (XSS) vulnerabilities in the media ...) - dotclear <removed> - [jessie] - dotclear <no-dsa> (Minor issue) NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/40d0207e520d CVE-2016-6522 RESERVED @@ -29836,7 +29831,6 @@ NOTE: https://github.com/mm2/Little-CMS/commit/fefaaa43c382eee632ea3ad0cfa915335140e1db#diff-189a94f0a7a47efdd43f5567e27a973b CVE-2016-XXXX [XSS] - dotclear <removed> - [jessie] - dotclear <no-dsa> (Minor issue) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/04/9 CVE-2016-4482 (The proc_connectinfo function in drivers/usb/core/devio.c in the Linux ...) {DSA-3607-1 DLA-516-1} @@ -34154,7 +34148,6 @@ CVE-2015-8832 [media exclusion control enforcement] RESERVED - dotclear <removed> (bug #815979) - [jessie] - dotclear <no-dsa> (Minor issue; workaround possible; can be fixed via a point release) NOTE: https://hg.dotclear.org/dotclear/rev/198580bc3d80 NOTE: https://dotclear.org/blog/post/2015/10/25/Dotclear-2.8.2 NOTE: Fixed upstream in 2.8.2 @@ -34162,7 +34155,6 @@ CVE-2015-8831 [potential XSS vulnerability in comments's list] RESERVED - dotclear <removed> (bug #815979) - [jessie] - dotclear <no-dsa> (Minor issue; can be fixed via a point release) NOTE: https://hg.dotclear.org/dotclear/rev/65e65154dadf NOTE: https://dotclear.org/blog/post/2015/10/25/Dotclear-2.8.2 NOTE: Fixed upstream in 2.8.2 @@ -52109,7 +52101,6 @@ NOT-FOR-US: Python on Windows CVE-2015-5651 (Cross-site scripting (XSS) vulnerability in Dotclear before 2.8.1 ...) - dotclear <removed> (bug #815979) - [jessie] - dotclear <no-dsa> (Minor issue) NOTE: http://dotclear.org/blog/post/2015/09/23/Dotclear-2.8.1 CVE-2015-5650 (Directory traversal vulnerability in AjaXplorer 2.0 allows remote ...) TODO: check _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits