gforge advisory added

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@6539 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Nico Golde <nion@debian.org> 2007-09-07 20:16:13 +0000
committer: Nico Golde <nion@debian.org> 2007-09-07 20:16:13 +0000
commit: 9c5bab3900fdc3facd2e2812e81b07fc027aa500 (patch)
tree: 47c07b0e4016a93c9cb3a6f989205d6e921886f8 /data/DTSA/advs
parent: 8197a32736a8fda0f7719aa5cdcfc992f95ebad1 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/data/DTSA/advs/57.gforge.adv b/data/DTSA/advs/57.gforge.adv
new file mode 100644
index 0000000000..4b111b82ee
--- /dev/null
+++ b/data/DTSA/advs/57.gforge.adv
@@ -0,0 +1,20 @@
+source: gforge
+date: September 9, 2007
+author: Nico Golde
+vuln-type: sql injection
+problem-scope: remote
+debian-specifc: no
+cve: CVE-2007-3913
+vendor-advisory:
+testing-fix: 4.5.14-23lenny2
+sid-fix: 4.6.99+svn6086-1
+upgrade: apt-get upgrade
+
+The gforge collaborative development environment is prone
+to an SQL injection due to insufficient input sanitizing.
+
+CVE-2007-3913
+
+SQL injection vulnerability in Gforge before 3.1 allows
+remote attackers to execute arbitrary SQL commands via
+unspecified vectors.
author	Nico Golde <nion@debian.org>	2007-09-07 20:16:13 +0000
committer	Nico Golde <nion@debian.org>	2007-09-07 20:16:13 +0000
commit	9c5bab3900fdc3facd2e2812e81b07fc027aa500 (patch)
tree	47c07b0e4016a93c9cb3a6f989205d6e921886f8 /data/DTSA/advs
parent	8197a32736a8fda0f7719aa5cdcfc992f95ebad1 (diff)