Author: nion
Date: 2009-04-06 16:12:03 +0000 (Mon, 06 Apr 2009)
New Revision: 11567
Modified:
data/CVE/list
Log:
spip made it back into debian with a lot of fixed issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-04-06 16:07:20 UTC (rev 11566)
+++ data/CVE/list 2009-04-06 16:12:03 UTC (rev 11567)
@@ -4411,9 +4411,9 @@
TODO: check php4
NOTE: there's not enough information available, no known bug, no known
fix
CVE-2008-5813 (SQL injection vulnerability in inc/rubriques.php in SPIP 1.8
before ...)
- NOT-FOR-US: SPIP
+ - spip 2.0.6-1
CVE-2008-5812 (Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b,
1.9 ...)
- NOT-FOR-US: SPIP
+ - spip 2.0.6-1
CVE-2008-5811 (SQL injection vulnerability in the PaxGallery (com_paxgallery)
...)
NOT-FOR-US: joomla
CVE-2008-5810 (WBPublish (aka WBPublish.exe) in Fujitsu-Siemens
WebTransactions 7.0, ...)
@@ -24721,7 +24721,7 @@
CVE-2007-4526 (The Client Login Extension (CLE) in Novell Identity Manager
before ...)
NOT-FOR-US: Novell Identity Manager
CVE-2007-4525 (** DISPUTED ** ...)
- NOT-FOR-US: SPIP (was in unstable some time, but not in any supported
release)
+ - spip 2.0.6-1
CVE-2007-4524 (PHP remote file inclusion vulnerability in adisplay.php in
PhPress ...)
NOT-FOR-US: PhPress
CVE-2007-4523 (Multiple cross-site scripting (XSS) vulnerabilities in Ripe
Website ...)
@@ -48153,7 +48153,7 @@
CVE-2006-1703 (PHP remote file inclusion vulnerability in lire.php in Sire 2.0
nws ...)
NOT-FOR-US: Sire 2.0 nws
CVE-2006-1702 (PHP remote file inclusion vulnerability in spip_login.php3 in
SPIP ...)
- NOT-FOR-US: SPIP
+ - spip 2.0.6-1
CVE-2006-1701 (Cross-site scripting (XSS) vulnerability in the Pages module in
...)
NOT-FOR-US: Shadowed Portal
CVE-2006-1700 (Buy.php in Aweb Scripts Seller uses predictable cookies for ...)
@@ -49155,7 +49155,7 @@
CVE-2006-1296 (Untrusted search path vulnerability in Beagle 0.2.2.1 might
allow ...)
- beagle 0.2.3-1 (bug #357392; low)
CVE-2006-1295 (Cross-site scripting (XSS) vulnerability in recherche.php3 in
SPIP ...)
- NOT-FOR-US: SPIP
+ - spip 2.0.6-1
CVE-2006-1294 (PHP remote file include vulnerability in PageController.php in
...)
NOT-FOR-US: KnowledgebasePublisher
CVE-2006-1293 (Cross-site scripting (XSS) vulnerability in index.php in
Contrexx CMS ...)
@@ -50986,16 +50986,16 @@
CVE-2006-0520 (SQL injection vulnerability index.php in Dragoran Portal module
1.3 ...)
NOT-FOR-US: Invision Power Board
CVE-2006-0519 (SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier
allows ...)
- - spip <removed> (medium; bug #351336)
+ - spip 2.0.6-1 (medium; bug #351336)
CVE-2006-0518 (Cross-site scripting (XSS) vulnerability in index.php3 in SPIP
1.8.2-e ...)
- - spip <removed> (medium; bug #351335)
+ - spip 2.0.6-1 (medium; bug #351335)
CVE-2006-0517 (Multiple SQL injection vulnerabilities in ...)
- - spip <removed> (medium; bug #351334)
+ - spip 2.0.6-1 (medium; bug #351334)
CVE-2006-0625 (Directory traversal vulnerability in Spip_RSS.PHP in SPIP
1.8.2g and ...)
- - spip <removed> (medium; bug #352076)
+ - spip 2.0.6-1 (medium; bug #352076)
NOTE: http://www.securityfocus.com/bid/16556
CVE-2006-0626 (SQL injection vulnerability in spip_acces_doc.php3 in SPIP
1.8.2g and ...)
- - spip <removed> (medium; bug #352077)
+ - spip 2.0.6-1 (medium; bug #352077)
NOTE: http://www.securityfocus.com/bid/16551
CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris
10 64 ...)
NOT-FOR-US: Solaris
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
