[Secure-testing-commits] r28971 - data/CVE

Tue, 23 Sep 2014 00:19:40 -0700 

Author: helmutg
Date: 2014-09-23 06:59:11 +0000 (Tue, 23 Sep 2014)
New Revision: 28971

Modified:
   data/CVE/list
Log:
various typo3 extensions are NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-09-23 06:58:22 UTC (rev 28970)
+++ data/CVE/list       2014-09-23 06:59:11 UTC (rev 28971)
@@ -879,27 +879,28 @@
        - procmail 3.22-22 (bug #760443)
        NOTE: http://www.openwall.com/lists/oss-security/2014/09/03/8
 CVE-2014-6241 (SQL injection vulnerability in the wt_directory extension 
before 1.4.1 ...)
-       TODO: check
+       NOT-FOR-US: Typo3 extension wt_directory
 CVE-2014-6240 (Cross-site scripting (XSS) vulnerability in the Google Sitemap 
...)
-       TODO: check
+       NOT-FOR-US: Typo3 extension weeaar_googlesitemap
 CVE-2014-6239 (SQL injection vulnerability in the Address visualization with 
Google ...)
-       TODO: check
+       NOT-FOR-US: Typo3 extension st_address_map
 CVE-2014-6238 (Cross-site scripting (XSS) vulnerability in the Akronymmanager 
(aka SB ...)
-       TODO: check
+       NOT-FOR-US: Typo3 extension Akronymmanager
 CVE-2014-6237 (Cross-site scripting (XSS) vulnerability in the News Pack 
extension ...)
-       TODO: check
+       NOT-FOR-US: Typo3 extension News Pack
 CVE-2014-6236 (Unspecified vulnerability in the LumoNet PHP Include 
(lumophpinclude) ...)
-       TODO: check
+       NOT-FOR-US: Typo3 extension lumophpinclude
 CVE-2014-6235 (Unspecified vulnerability in the ke DomPDF extension before 
0.0.5 for ...)
-       TODO: check
+       NOT-FOR-US: Typo3 extension DomPDF
 CVE-2014-6234 (Cross-site scripting (XSS) vulnerability in the Open Graph 
protocol ...)
-       TODO: check
+       NOT-FOR-US: Typo3 extension jh_opengraphprotocol
 CVE-2014-6233 (SQL injection vulnerability in the Flat Manager (flatmgr) 
extension ...)
-       TODO: check
+       NOT-FOR-US: Typo3 extension flatmgr
 CVE-2014-6232 (Unspecified vulnerability in the LDAP (eu_ldap) extension 
before ...)
-       TODO: check
+       NOT-FOR-US: Typo3 extension eu_ldap
 CVE-2014-6231 (Unspecified vulnerability in the CWT Frontend Edit (cwt_feedit) 
...)
-       TODO: check
+       NOT-FOR-US: Typo3 extension cwt_feedit
+       NOTE: This is different from the feedit extension in typo3-src.
 CVE-2014-6227
        RESERVED
 CVE-2014-6226


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to