typo3 got CVE

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@9088 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Thijs Kinkhorst <thijs@debian.org> 2008-06-17 09:25:21 +0000
committer: Thijs Kinkhorst <thijs@debian.org> 2008-06-17 09:25:21 +0000
commit: d14ae9759fef4cf955f8b578a0246d17b865b6f2 (patch)
tree: 28bd1fae2717ba7d19913ec9a55e6b86f7ab5b2b /data
parent: a2fe497fe240a71fc983d007ecb49a997c89f360 (diff)
2 files changed, 2 insertions, 3 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 7f2320fd0b..8be2998951 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -19,10 +19,8 @@ CVE-2008-XXXX [gallery multiple security issues]
 	- gallery2 2.2.5-1 (low; bug #485947)
 	- gallery <not-affected> (Vulnerable code not present, different codebase)
 	NOTE: CVE id request was already on oss-security
-CVE-2008-XXXX [typo3 code execution & xss]
+CVE-2008-2717 [typo3 code execution & xss]
 	- typo3-src 4.1.7-1 (bug #485814)
-	NOTE: CVE id requested
-	NOTE: fixed in DSA 1596-1, but no CVE yet
 CVE-2008-2685 (SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 ...)
 	NOT-FOR-US: Battle Blog
 CVE-2008-2684 (The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black ...)
diff --git a/data/DSA/list b/data/DSA/list
index 6020640a5b..90aba07ba5 100644
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -2,6 +2,7 @@
 	{CVE-2007-5824 CVE-2007-5825 CVE-2008-1771}
 	[etch] - mt-daapd 0.2.4+r1376-1.1+etch1
 [12 Jun 2008] DSA-1596-1 typo3-src - several vulnerabilities
+	{CVE-2008-2717}
 	[etch] - typo3-src 4.0.2+debian-5
 [11 Jun 2008] DSA-1595-1 xorg-server - several vulnerabilities
 	{CVE-2008-1377 CVE-2008-1379 CVE-2008-2360 CVE-2008-2361 CVE-2008-2362}
author	Thijs Kinkhorst <thijs@debian.org>	2008-06-17 09:25:21 +0000
committer	Thijs Kinkhorst <thijs@debian.org>	2008-06-17 09:25:21 +0000
commit	d14ae9759fef4cf955f8b578a0246d17b865b6f2 (patch)
tree	28bd1fae2717ba7d19913ec9a55e6b86f7ab5b2b /data
parent	a2fe497fe240a71fc983d007ecb49a997c89f360 (diff)