CVE-2007-0166 kfreebsd-5 not affected.

Reverted joomla to <itp> (Because tracker will automatically tell us when they get uploaded to unstable. Thanks sf)



git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5368 e39458fd-73e7-0310-bf30-c45bca0a0e42

1 files changed, 20 insertions, 22 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 30f03eb913..b7bfd29cdf 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -208,9 +208,7 @@ CVE-2007-0389 (Directory traversal vulnerability in ArsDigita Community System (
 CVE-2007-0388 (SQL injection vulnerability in search.php in Woltlab Burning Board ...)
 	NOT-FOR-US: Woltlab Burning Board
 CVE-2007-0387 (SQL injection vulnerability in models/category.php in the Weblinks ...)
-	- joomla <not-affected>
-	NOTE: Joomla is a new package in Debian.
-	NOTE: see http://ftp-master.debian.org/new.html
+	- joomla <itp>
 CVE-2007-0386 (Unspecified vulnerability in the rating section in PostNuke 0.764 has ...)
 	NOT-FOR-US: PostNuke
 CVE-2007-0385 (The faq section in PostNuke 0.764 allows remote attackers to obtain ...)
@@ -234,14 +232,14 @@ CVE-2007-0377 (Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remo
 CVE-2007-0376 (Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows ...)
 	NOT-FOR-US: Virtuemart
 CVE-2007-0375 (Joomla! 1.5.0 Beta allows remote attackers to obtain sensitive ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2007-0374 (SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and ...)
 	- mambo <unfixed>
-	- joomla <not-affected>
+	- joomla <itp>
 	NOTE: Mantainer working in new upstream version of Joomla and waiting patch
 	NOTE: for Mambo.
 CVE-2007-0373 (Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2007-0372 (Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 ...)
 	NOT-FOR-US: PHP-Nuke
 CVE-2007-0371 (A certain ActiveX control in the Common Controls Replacement Project ...)
@@ -765,7 +763,7 @@ CVE-2007-0168 (The Tape Engine service in Computer Associates (CA) BrightStor ..
 CVE-2007-0167 (Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search ...)
 	NOT-FOR-US: PPC Search
 CVE-2007-0166 (The jail rc.d script in FreeBSD 5.3 up to 6.2 does not verify ...)
-	TODO: check FreeBSD
+	- kfreebsd-5 <nof-affected>
 CVE-2007-0165 (Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows ...)
 	NOT-FOR-US: Solaris
 CVE-2007-0164 (Camouflage 1.2.1 embeds password information in the carrier file, ...)
@@ -6577,28 +6575,28 @@ CVE-2006-4478 (SQL injection vulnerability in headeruserdata.php in Visual Shape
 CVE-2006-4477 (Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ...)
 	NOT-FOR-US: ezContents
 CVE-2006-4476 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-4475 (Joomla! before 1.0.11 does not limit access to the Admin Popups ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-4474 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
-	- joomla <not-affected>
+	- joomla <itp>
 	NOTE: Joomla is a new package and the version 1.0.12-2 is not affected.
 CVE-2006-4473 (Unspecified vulnerability in com_content in Joomla! before 1.0.11, ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-4472 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-4471 (The Admin Upload Image functionality in Joomla! before 1.0.11 allows ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-4470 (Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-4469 (Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-4468 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-4467 (Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x before ...)
 	NOT-FOR-US: Simple Machines Forum
 CVE-2006-4466 (Joomla! before 1.0.11 does not properly unset variables when the input ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-4465 (** DISPUTED ** ...)
 	NOT-FOR-US: Microsoft
 CVE-2006-4464 (The Nokia Browser, possibly Nokia Symbian 60 Browser 3rd edition, ...)
@@ -8890,9 +8888,9 @@ CVE-2006-3483 (PHPMailList 1.8.0 stores sensitive information under the web docu
 CVE-2006-3482 (Cross-site scripting (XSS) vulnerability in maillist.php in ...)
 	NOT-FOR-US: PHPMailList
 CVE-2006-3481 (Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-3480 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-3479 (Cross-site request forgery (CSRF) vulnerability in the del_block ...)
 	NOT-FOR-US: Nuked-Klan
 CVE-2006-3478 (PHP remote file inclusion vulnerability in ...)
@@ -10026,7 +10024,7 @@ CVE-2006-2962 (PHP remote file inclusion vulnerability in sql_fcnsOLD.php in ...
 CVE-2006-2961 (Stack-based buffer overflow in CesarFTP 0.99g and earlier allows ...)
 	NOT-FOR-US: CesarFTP
 CVE-2006-2960 (PHP remote file inclusion vulnerability in includes/joomla.php in ...)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-2959 (SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 ...)
 	NOT-FOR-US: Snitz Forum
 CVE-2006-2958 (Directory traversal vulnerability in FilZip 3.05 allows remote ...)
@@ -12379,10 +12377,10 @@ CVE-2006-1958 (Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow r
 	NOT-FOR-US: WWWThreads
 CVE-2006-1957 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...)
 	- mambo 4.6.1-4 (bug #364769; medium)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-1956 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...)
 	- mambo 4.6.1-4 (bug #364769; medium)
-	- joomla <not-affected>
+	- joomla <itp>
 CVE-2006-1955 (PHP remote file inclusion vulnerability in authent.php4 in Nicolas ...)
 	NOT-FOR-US: RechnungsZentrale
 CVE-2006-1954 (SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka ...)