On Tue, 29 Jul 2008 10:11:41 am kees@alioth.debian.org wrote:
> Author: kees
> Date: 2008-07-29 00:11:39 +0000 (Tue, 29 Jul 2008)
> New Revision: 9457
>
> Modified:
> data/CVE/list
> Log:
> NFUs: 4
>
> Modified: data/CVE/list
> ===================================================================
> --- data/CVE/list 2008-07-28 21:50:57 UTC (rev 9456)
> +++ data/CVE/list 2008-07-29 00:11:39 UTC (rev 9457)
> @@ -45,7 +45,7 @@
> CVE-2008-3313 (Multiple PHP remote file inclusion vulnerabilities in
> CreaCMS 1.0 ...) NOT-FOR-US: CreaCMS
> CVE-2008-3312 (Directory traversal vulnerability in ...)
> - TODO: check
> + NOT-FOR-US: Lemon CMS
I might be wrong here, but isn't this the usual Fckeditor code, which is
embedded in a few packages? At the moment, the embedded-code-copies file
says:
fckeditor
- knowledgeroot 0.9.8.5-3 (embed; bug #461555)
- moin <unfixed> (embed; bug #452599)
- karrigell <removed> (embed; bug #452598)
- gforge-plugins-extra 4.6.99+svn6225-1 (embed)
However, I do believe this list is incomplete :/
Cheers
Steffen
Attachment:
signature.asc
Description: This is a digitally signed message part.