[Secure-testing-commits] r14735 - data/CVE

Thijs Kinkhorst Mon, 24 May 2010 05:34:11 -0700

Author: thijs
Date: 2010-05-24 12:32:11 +0000 (Mon, 24 May 2010)
New Revision: 14735


Modified:
   data/CVE/list
Log:
phpbb3 updates


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-05-24 10:17:15 UTC (rev 14734)
+++ data/CVE/list       2010-05-24 12:32:11 UTC (rev 14735)
@@ -867,7 +867,7 @@
 CVE-2010-1631
        RESERVED
 CVE-2010-1630 (Unspecified vulnerability in posting.php in phpBB before 3.0.5 
has ...)
-       - phpbb3 <unfixed>
+       - phpbb3 3.0.7-PL1-1
 CVE-2010-1629 (Cross-site scripting (XSS) vulnerability in Phorum before 
5.2.15 ...)
        NOT-FOR-US: Phorum
 CVE-2010-1628 (Ghostscript 8.64, 8.70, and possibly other versions allows ...)
@@ -876,7 +876,7 @@
        NOTE: https://bugs.launchpad.net/ubuntu/+source/ghostscript/+bug/546009
        NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=691295
 CVE-2010-1627 (feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly 
check ...)
-       - phpbb3 <unfixed>
+       - phpbb3 3.0.7-PL1-1
 CVE-2010-1626
        RESERVED
        - mysql-dfsg-5.1 <unfixed>
@@ -2872,7 +2872,9 @@
        NOTE: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4931.php
        NOTE: obscure exploit scenario, not reproducible
 CVE-2010-XXXX [phpbb 3.0.7 permissions bypass]
-       - phpbb3 <not-affected> (older version is in the archive)
+       - phpbb3 3.0.7-PL1
+       [lenny] - phpbb3 <not-affected> (older version is in the archive)
+       [squeeze] - phpbb3 <not-affected> (older version is in the archive)
        NOTE: http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195
 CVE-2010-0928 (OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx 
...)
        - openssl <unfixed> (unimportant)
@@ -3744,7 +3746,7 @@
        - pyfribidi 0.10.0-2 (bug #570068)
        [lenny] - pyfribidi <not-affected> (fribidi 0.19.1 or higher needs to 
be installed to trigger this)
 CVE-2010-XXXX [phpbb3 weak captcha]
-       - phpbb3 <unfixed> (unimportant; bug #570011)
+       - phpbb3 3.0.7-PL1-1 (unimportant; bug #570011)
 CVE-2010-0634 (Unspecified vulnerability in Fast Lexical Analyzer Generator 
(flex) ...)
        - flex 2.5.35-1
 CVE-2010-0629 (Use-after-free vulnerability in kadmin/server/server_stubs.c in 
...)
@@ -4503,10 +4505,9 @@
        - sudosh3 <unfixed> (high; bug #566142)
        NOTE: package is likely to be removed
 CVE-2010-XXXX [phpbb: many issues]
-       - phpbb3 <undetermined>
+       - phpbb3 3.0.7-PL1-1
        - phpbb2 <removed>
        NOTE: http://www.openwall.com/lists/oss-security/2010/01/16/2
-       TODO: check
 CVE-2010-0379 (Multiple unspecified vuilnerabilities in the Macromedia Flash 
ActiveX ...)
        NOT-FOR-US: Macromedia Flash ActiveX
 CVE-2010-0378 (Use-after-free vulnerability in Adobe Flash Player 6.0.79, as 
...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r14735 - data/CVE

Reply via email to