author Salvatore Bonaccorso <carnil@debian.org> 2020-01-08 22:57:43 +0100
committer Salvatore Bonaccorso <carnil@debian.org> 2020-01-08 22:57:43 +0100
commit d41ecc95bbd34e9a3039108325fd8a38ad210986
tree 76bc452248b8edaa98870efb3a848990fec4da7a
parent 91c3e7080d85a8f47092773e372da05e62e5f5d1
Revert "Update old CVEs for phpmyadmin"
The vulnerabilities are not just not affected because they are not present in any supported suites. The fixing version needs either to be pin-pointed or the entries otherwise kept as they are now.

This reverts commit 7b2a44081ee909fbc5d69a7aa8257a7ab1b5de27.
-rw-r--r-- data/CVE/2005.list 6
-rw-r--r-- data/CVE/2006.list 2
-rw-r--r-- data/CVE/2007.list 3
3 files changed, 6 insertions, 5 deletions
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index 3a51825bab..1033c03948 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -1251,8 +1251,8 @@ CVE-2005-4351 (The securelevels implementation in FreeBSD 7.0 and earlier, OpenB
- linux-2.6 2.6.18-3
CVE-2005-4350 (Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 an ...)
NOT-FOR-US: WBEM Services
-CVE-2005-4349 (SQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7 ...)
- - phpmyadmin <not-affected> (vulnerable code is not present)
+CVE-2005-4349
+ - phpmyadmin <unfixed> (unimportant)
NOTE: Only for authenticated used, will possibly be rejected
CVE-2005-4348 (fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidr ...)
{DSA-939-1}
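Review bot: The restored header for CVE-2005-4349 is the bare id, while the removed line carried the description "(SQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7 ...)" and every other entry touched by this revert keeps its description. If the description is meant to stay, restore only the status line and leave the header as it was; if the bare id is intended because the NOTE says the CVE "will possibly be rejected", say so in the commit message.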
@@ -2885,7 +2885,7 @@ CVE-2005-3623 (nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SAT
[sarge] - kernel-source-2.6.8 <not-affected> (Does not contain NFS ACLs)
- linux-2.6 2.6.14-7
CVE-2005-3622 (phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain t ...)
- - phpmyadmin <not-affected> (vulnerable code is not present)
+ - phpmyadmin <unfixed> (unimportant)
CVE-2005-3620 (The management interface for VMware ESX Server 2.0.x before 2.0.2 patc ...)
NOT-FOR-US: VMware ESX
CVE-2005-3619 (Cross-site scripting (XSS) vulnerability in the management interface f ...)
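Review bot: The restored "- phpmyadmin <unfixed> (unimportant)" line for CVE-2005-3622 has no NOTE under it, unlike the other three phpmyadmin entries in this commit, so nothing on the entry records why the issue is rated unimportant. A one-line NOTE giving the reason would let a later reader judge the entry without going through the history.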
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index ca4a78088e..fc416f094f 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -2011,7 +2011,7 @@ CVE-2006-6374 (Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 a
[etch] - phpmyadmin <not-affected> (not exploitable with Etch's php versions)
NOTE: not exploitable with PHP 5.1.2+ and 4.4.2+
CVE-2006-6373 (PhpMyAdmin 2.7.0-pl2 allows remote attackers to obtain sensitive infor ...)
- - phpmyadmin <not-affected> (vulnerable code is not present)
+ - phpmyadmin <unfixed> (unimportant)
NOTE: path is known in Debian anyway
CVE-2006-6372 (Multiple cross-site scripting (XSS) vulnerabilities in pbguestbook.php ...)
NOT-FOR-US: JAB Guest Book
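Review bot: For CVE-2006-6373 the NOTE "path is known in Debian anyway" explains the unimportant rating but not the "<unfixed>" status, and the commit message itself says the fixing version should be pin-pointed. Consider recording that open question on the entry, for example as a further NOTE line, so the follow-up is not lost.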
diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index 9006aafb51..fb3b5cee72 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -5877,7 +5877,8 @@ CVE-2007-4308 (The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SC
CVE-2007-4307 (Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 a ...)
NOT-FOR-US: Storesprite
CVE-2007-4306 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10 ...)
- - phpmyadmin <not-affected> (vulnerable code is not present)
+ - phpmyadmin <unfixed> (unimportant)
+ [sarge] - phpmyadmin <not-affected>
NOTE: It seems that this requires knowledge of a unguessable session token.
NOTE: Confirmed by upstream. Sarge is not affected at all.
CVE-2007-4305 (Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail ...)
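Review bot: The added "[sarge] - phpmyadmin <not-affected>" line under CVE-2007-4306 gives no reason in parentheses, while the other suite-specific "<not-affected>" lines visible in this patch do, for example "(Does not contain NFS ACLs)". The NOTE below it already says "Confirmed by upstream. Sarge is not affected at all.", so a short parenthesised reason on the status line would keep the entry consistent with its neighbours.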