The branch, master has been updated
via 1c7cf7ef15bd28bdd37cf02143d0c0d22a15b57c (commit)
via f01918a0fe7320471680f9f5c4ad032975a01b28 (commit)
from 5be088e904b8a768dd8fe4add3614c0f61190b4d (commit)
- Log -----------------------------------------------------------------
commit 1c7cf7ef15bd28bdd37cf02143d0c0d22a15b57c
Author: Michal Čihař <mcihar(a)novell.com>
Date: Wed Dec 8 14:36:48 2010 +0100
Add references to CWE ids in security issues.
CWE provides categorisation of security issues.
commit f01918a0fe7320471680f9f5c4ad032975a01b28
Author: Michal Čihař <mcihar(a)novell.com>
Date: Wed Dec 8 14:28:22 2010 +0100
List separately commits for 2.11 branch.
-----------------------------------------------------------------------
Summary of changes:
templates/security/PMASA-2003-1 | 2 ++
templates/security/PMASA-2004-1 | 2 ++
templates/security/PMASA-2004-2 | 2 ++
templates/security/PMASA-2004-3 | 1 +
templates/security/PMASA-2004-4 | 2 ++
templates/security/PMASA-2005-1 | 1 +
templates/security/PMASA-2005-2 | 2 ++
templates/security/PMASA-2005-3 | 2 ++
templates/security/PMASA-2005-4 | 1 +
templates/security/PMASA-2005-5 | 1 +
templates/security/PMASA-2005-6 | 2 ++
templates/security/PMASA-2005-7 | 2 ++
templates/security/PMASA-2005-8 | 1 +
templates/security/PMASA-2005-9 | 2 ++
templates/security/PMASA-2006-1 | 2 ++
templates/security/PMASA-2006-2 | 2 +-
templates/security/PMASA-2006-3 | 1 +
templates/security/PMASA-2006-4 | 2 ++
templates/security/PMASA-2006-5 | 1 +
templates/security/PMASA-2006-6 | 1 +
templates/security/PMASA-2006-7 | 2 ++
templates/security/PMASA-2006-8 | 2 ++
templates/security/PMASA-2006-9 | 2 ++
templates/security/PMASA-2007-1 | 2 ++
templates/security/PMASA-2007-2 | 2 ++
templates/security/PMASA-2007-3 | 1 +
templates/security/PMASA-2007-4 | 1 +
templates/security/PMASA-2007-5 | 1 +
templates/security/PMASA-2007-6 | 1 +
templates/security/PMASA-2007-7 | 2 ++
templates/security/PMASA-2007-8 | 2 ++
templates/security/PMASA-2008-1 | 1 +
templates/security/PMASA-2008-10 | 2 ++
templates/security/PMASA-2008-2 | 1 +
templates/security/PMASA-2008-3 | 1 +
templates/security/PMASA-2008-4 | 2 ++
templates/security/PMASA-2008-5 | 1 +
templates/security/PMASA-2008-6 | 1 +
templates/security/PMASA-2008-7 | 2 ++
templates/security/PMASA-2008-8 | 2 ++
templates/security/PMASA-2008-9 | 2 ++
templates/security/PMASA-2009-1 | 2 ++
templates/security/PMASA-2009-2 | 2 ++
templates/security/PMASA-2009-3 | 2 ++
templates/security/PMASA-2009-4 | 2 ++
templates/security/PMASA-2009-5 | 2 ++
templates/security/PMASA-2009-6 | 2 ++
templates/security/PMASA-2010-1 | 2 ++
templates/security/PMASA-2010-2 | 2 ++
templates/security/PMASA-2010-3 | 2 ++
templates/security/PMASA-2010-4 | 2 ++
templates/security/PMASA-2010-5 | 2 ++
templates/security/PMASA-2010-6 | 2 ++
templates/security/PMASA-2010-7 | 2 ++
templates/security/PMASA-2010-8 | 5 +++++
templates/security/_PMASA_ | 6 ++++++
templates/security/_page.tpl | 10 +++++++++-
57 files changed, 110 insertions(+), 2 deletions(-)
diff --git a/templates/security/PMASA-2003-1 b/templates/security/PMASA-2003-1
index 7f1f8da..ae9e8f1 100644
--- a/templates/security/PMASA-2003-1
+++ b/templates/security/PMASA-2003-1
@@ -66,5 +66,7 @@ version of phpMyAdmin, which is to be released soon.
http://www.securityfocus.com/archive/1/325641</a>
</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2004-1 b/templates/security/PMASA-2004-1
index af30af9..57336af 100644
--- a/templates/security/PMASA-2004-1
+++ b/templates/security/PMASA-2004-1
@@ -63,5 +63,7 @@
http://www.securityfocus.com/archive/1/367486</a>
<py:def function="announcement_cve">CVE-2004-2631</py:def>
+<py:def function="announcement_cwe">661 94</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2004-2 b/templates/security/PMASA-2004-2
index 6736d17..f342c33 100644
--- a/templates/security/PMASA-2004-2
+++ b/templates/security/PMASA-2004-2
@@ -64,5 +64,7 @@ released soon.
<py:def function="announcement_cve">CVE-2004-2630</py:def>
+<py:def function="announcement_cwe">661 94</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2004-3 b/templates/security/PMASA-2004-3
index 21c7ed0..fc7e27e 100644
--- a/templates/security/PMASA-2004-3
+++ b/templates/security/PMASA-2004-3
@@ -68,6 +68,7 @@
http://www.netvigilance.com/html/advisory0005.htm</a>
<py:def function="announcement_cve">CVE-2004-1055</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2004-4 b/templates/security/PMASA-2004-4
index cf50469..f2720f2 100644
--- a/templates/security/PMASA-2004-4
+++ b/templates/security/PMASA-2004-4
@@ -64,5 +64,7 @@
http://www.exaprobe.com/labs/advisories/esa-2004-1213.html</a>
<py:def function="announcement_cve">CVE-2004-1148</py:def>
+<py:def function="announcement_cwe">661 94</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-1 b/templates/security/PMASA-2005-1
index 473b7f7..a87c15d 100644
--- a/templates/security/PMASA-2005-1
+++ b/templates/security/PMASA-2005-1
@@ -63,6 +63,7 @@
href="http://sourceforge.net/tracker/index.php?func=detail&aid…
<py:def function="announcement_cve">CVE-2005-0567</py:def>
+<py:def function="announcement_cwe">661 79 94</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-2 b/templates/security/PMASA-2005-2
index 48d8d54..97caf47 100644
--- a/templates/security/PMASA-2005-2
+++ b/templates/security/PMASA-2005-2
@@ -52,5 +52,7 @@ How to apply the directive to a specific directory:<br />
<py:def function="announcement_cve">CVE-2005-0544</py:def>
+<py:def function="announcement_cwe">661 200</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-3 b/templates/security/PMASA-2005-3
index 43b514a..0da63be 100644
--- a/templates/security/PMASA-2005-3
+++ b/templates/security/PMASA-2005-3
@@ -42,5 +42,7 @@
http://www.arrelnet.com/advisories/adv20050403.html</a>
<py:def function="announcement_cve">CVE-2005-0992</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-4 b/templates/security/PMASA-2005-4
index 0627fc3..21a4e3c 100644
--- a/templates/security/PMASA-2005-4
+++ b/templates/security/PMASA-2005-4
@@ -36,6 +36,7 @@ Upgrade to phpMyAdmin 2.6.4-pl2 or newer.
<py:def function="announcement_cve">CVE-2005-3299</py:def>
+<py:def function="announcement_cwe">661 98</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-5 b/templates/security/PMASA-2005-5
index c1becee..ade5ae4 100644
--- a/templates/security/PMASA-2005-5
+++ b/templates/security/PMASA-2005-5
@@ -53,6 +53,7 @@ For (1): <a
href="http://www.hardened-php.net/advisory_162005.73.html">htt…
For (2): <a
href="http://www.trapkit.de/advisories/TKADV2005-10-001.txt">http://www.trapkit.de/advisories/TKADV2005-10-001.txt</a>
</py:def>
+<py:def function="announcement_cwe">661 98 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-6 b/templates/security/PMASA-2005-6
index 1fd9abd..dc22fc7 100644
--- a/templates/security/PMASA-2005-6
+++ b/templates/security/PMASA-2005-6
@@ -36,5 +36,7 @@ Upgrade to phpMyAdmin 2.6.4-pl4.
<py:def function="announcement_cve">CVE-2005-3621</py:def>
+<py:def function="announcement_cwe">661 113</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-7 b/templates/security/PMASA-2005-7
index a707170..842f14d 100644
--- a/templates/security/PMASA-2005-7
+++ b/templates/security/PMASA-2005-7
@@ -36,5 +36,7 @@ Upgrade to phpMyAdmin 2.6.4-pl4.
<py:def function="announcement_cve">CVE-2005-3787</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-8 b/templates/security/PMASA-2005-8
index afc3f69..d35fc79 100644
--- a/templates/security/PMASA-2005-8
+++ b/templates/security/PMASA-2005-8
@@ -35,6 +35,7 @@ We did not make an extensive verification on this. Probably all previous
version
Upgrade to phpMyAdmin 2.7.0.
</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2005-9 b/templates/security/PMASA-2005-9
index 8df7c0d..5316938 100644
--- a/templates/security/PMASA-2005-9
+++ b/templates/security/PMASA-2005-9
@@ -43,5 +43,7 @@ Upgrade to phpMyAdmin 2.7.0-pl1 or newer.
<py:def function="announcement_cve">CVE-2005-4079</py:def>
+<py:def function="announcement_cwe">661 79 98 94</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-1 b/templates/security/PMASA-2006-1
index 24471b9..a259641 100644
--- a/templates/security/PMASA-2006-1
+++ b/templates/security/PMASA-2006-1
@@ -33,5 +33,7 @@ Upgrade to phpMyAdmin 2.8.0.3 for the fixes in the two included themes.
New vers
<py:def function="announcement_cve">CVE-2006-1678</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-2 b/templates/security/PMASA-2006-2
index 8b34105..d0413ee 100644
--- a/templates/security/PMASA-2006-2
+++ b/templates/security/PMASA-2006-2
@@ -42,7 +42,7 @@ We wish to thank Sven Vetsch/Disenchant for informing us in a
responsible manner
<py:def function="announcement_cve">CVE-2006-2031</py:def>
-
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-3 b/templates/security/PMASA-2006-3
index a447f95..c36f11d 100644
--- a/templates/security/PMASA-2006-3
+++ b/templates/security/PMASA-2006-3
@@ -38,6 +38,7 @@ Upgrade to phpMyAdmin 2.8.1.
<py:def function="announcement_cve">CVE-2006-1804</py:def>
+<py:def function="announcement_cwe">661 352</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-4 b/templates/security/PMASA-2006-4
index 083ab4f..f567ad1 100644
--- a/templates/security/PMASA-2006-4
+++ b/templates/security/PMASA-2006-4
@@ -41,5 +41,7 @@ We wish to thank bug(a)securitynews.ir for informing us in a responsible
manner. T
<py:def function="announcement_cve">CVE-2006-3388</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-5 b/templates/security/PMASA-2006-5
index d23d6d6..3577236 100644
--- a/templates/security/PMASA-2006-5
+++ b/templates/security/PMASA-2006-5
@@ -36,6 +36,7 @@ Upgrade to phpMyAdmin 2.9.0.1 or newer.
<py:def function="announcement_cve">CVE-2006-5116</py:def>
+<py:def function="announcement_cwe">661 352</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-6 b/templates/security/PMASA-2006-6
index 57395dc..e4db109 100644
--- a/templates/security/PMASA-2006-6
+++ b/templates/security/PMASA-2006-6
@@ -35,6 +35,7 @@ Upgrade to phpMyAdmin 2.9.0.3 or newer.
<py:def function="announcement_cve">CVE-2006-5718</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-7 b/templates/security/PMASA-2006-7
index 70ec062..fec9550 100644
--- a/templates/security/PMASA-2006-7
+++ b/templates/security/PMASA-2006-7
@@ -35,5 +35,7 @@ Upgrade to phpMyAdmin 2.9.1.1 or newer.
<py:def function="announcement_cve">CVE-2006-6942</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-8 b/templates/security/PMASA-2006-8
index 0aafd1f..567144e 100644
--- a/templates/security/PMASA-2006-8
+++ b/templates/security/PMASA-2006-8
@@ -35,5 +35,7 @@ Upgrade to phpMyAdmin 2.9.1.1 or newer.
<py:def function="announcement_cve">CVE-2006-6374</py:def>
+<py:def function="announcement_cwe">661 200</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2006-9 b/templates/security/PMASA-2006-9
index c2d2414..8e4b6c0 100644
--- a/templates/security/PMASA-2006-9
+++ b/templates/security/PMASA-2006-9
@@ -37,5 +37,7 @@ Upgrade to phpMyAdmin 2.9.1.1 or newer.
<py:def function="announcement_cve">CVE-2006-6944</py:def>
+<py:def function="announcement_cwe">661 264</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-1 b/templates/security/PMASA-2007-1
index 71d47d9..215ebbc 100644
--- a/templates/security/PMASA-2007-1
+++ b/templates/security/PMASA-2007-1
@@ -41,5 +41,7 @@ Upgrade to phpMyAdmin 2.9.2 or newer.
<py:def function="announcement_cve">CVE-2006-6374</py:def>
+<py:def function="announcement_cwe">661 113</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-2 b/templates/security/PMASA-2007-2
index bd84e47..f57d07b 100644
--- a/templates/security/PMASA-2007-2
+++ b/templates/security/PMASA-2007-2
@@ -35,5 +35,7 @@ Upgrade to phpMyAdmin 2.9.2 or newer.
<py:def function="announcement_cve">CVE-2007-1395</py:def>
+<py:def function="announcement_cwe">661 79 200</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-3 b/templates/security/PMASA-2007-3
index ebd6e24..1f135fd 100644
--- a/templates/security/PMASA-2007-3
+++ b/templates/security/PMASA-2007-3
@@ -46,6 +46,7 @@ Patches are available in this tracker: <a
href="http://sourceforge.net/tracker/i
<py:def function="announcement_cve">CVE-2007-1325</py:def>
+<py:def function="announcement_cwe">661 674</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-4 b/templates/security/PMASA-2007-4
index bb0bf94..c13b808 100644
--- a/templates/security/PMASA-2007-4
+++ b/templates/security/PMASA-2007-4
@@ -40,6 +40,7 @@ Upgrade to phpMyAdmin 2.10.1 or newer.
<py:def function="announcement_cve">CVE-2007-2245</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-5 b/templates/security/PMASA-2007-5
index 899e7da..131f765 100644
--- a/templates/security/PMASA-2007-5
+++ b/templates/security/PMASA-2007-5
@@ -50,6 +50,7 @@ Patches are available in this tracker:
<a
href="https://sourceforge.net/tracker/index.php?func=detail&ai…
</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-6 b/templates/security/PMASA-2007-6
index f7748d4..73f905c 100644
--- a/templates/security/PMASA-2007-6
+++ b/templates/security/PMASA-2007-6
@@ -55,6 +55,7 @@ Patches are referenced here:
<a
href="http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev…
</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-7 b/templates/security/PMASA-2007-7
index 93d8db5..a19d024 100644
--- a/templates/security/PMASA-2007-7
+++ b/templates/security/PMASA-2007-7
@@ -52,5 +52,7 @@ The patch is attached to:
<py:def function="announcement_cve">CVE-2007-5977</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2007-8 b/templates/security/PMASA-2007-8
index 4b846af..3dffb1c 100644
--- a/templates/security/PMASA-2007-8
+++ b/templates/security/PMASA-2007-8
@@ -48,5 +48,7 @@
href="http://sourceforge.net/tracker/index.php?func=detail&aid…
<py:def function="announcement_cve">CVE-2007-6100</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-1 b/templates/security/PMASA-2008-1
index 1e2f4af..0d875e3 100644
--- a/templates/security/PMASA-2008-1
+++ b/templates/security/PMASA-2008-1
@@ -60,6 +60,7 @@
href="http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches…
<py:def function="announcement_cve">CVE-2008-1149</py:def>
+<py:def function="announcement_cwe">661 89</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-10 b/templates/security/PMASA-2008-10
index 037b001..9d4573f 100644
--- a/templates/security/PMASA-2008-10
+++ b/templates/security/PMASA-2008-10
@@ -45,5 +45,7 @@ Advisory: <a
href="http://www.milw0rm.com/exploits/7382">http://www.milw0rm…
<py:def function="announcement_cve">CVE-2008-5621
CVE-2008-5622</py:def>
+<py:def function="announcement_cwe">661 89</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-2 b/templates/security/PMASA-2008-2
index 9dd4b87..140167c 100644
--- a/templates/security/PMASA-2008-2
+++ b/templates/security/PMASA-2008-2
@@ -39,6 +39,7 @@ Upgrade to phpMyAdmin 2.11.5.1 or newer.
<py:def function="announcement_cve">CVE-2008-1567</py:def>
+<py:def function="announcement_cwe">661 522</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-3 b/templates/security/PMASA-2008-3
index 5d57ac2..f450eed 100644
--- a/templates/security/PMASA-2008-3
+++ b/templates/security/PMASA-2008-3
@@ -53,6 +53,7 @@ Upgrade to phpMyAdmin 2.11.5.2 or newer.
<a
href="http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev…
11211</a><br />
</py:def>
+<py:def function="announcement_cwe">661 522</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-4 b/templates/security/PMASA-2008-4
index 30c3859..dd8c125 100644
--- a/templates/security/PMASA-2008-4
+++ b/templates/security/PMASA-2008-4
@@ -45,5 +45,7 @@ Upgrade to phpMyAdmin 2.11.7 or newer.
<py:def function="announcement_cve">CVE-2008-2960</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-5 b/templates/security/PMASA-2008-5
index fe99724..f86f79e 100644
--- a/templates/security/PMASA-2008-5
+++ b/templates/security/PMASA-2008-5
@@ -54,6 +54,7 @@ These advisories are available from the reporter:<br />
<py:def function="announcement_cve">CVE-2008-3197</py:def>
+<py:def function="announcement_cwe">661 352</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-6 b/templates/security/PMASA-2008-6
index ae1de76..b021288 100644
--- a/templates/security/PMASA-2008-6
+++ b/templates/security/PMASA-2008-6
@@ -43,6 +43,7 @@ These advisories are available from the reporter:<br />
<py:def function="announcement_cve">CVE-2008-3457</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-7 b/templates/security/PMASA-2008-7
index 6bf2f9d..71b26f1 100644
--- a/templates/security/PMASA-2008-7
+++ b/templates/security/PMASA-2008-7
@@ -43,5 +43,7 @@ Upgrade to phpMyAdmin 2.11.9.1 or newer.
<py:def function="announcement_cve">CVE-2008-4096</py:def>
+<py:def function="announcement_cwe">661 94</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-8 b/templates/security/PMASA-2008-8
index a5bda7a..f57cb1c 100644
--- a/templates/security/PMASA-2008-8
+++ b/templates/security/PMASA-2008-8
@@ -48,5 +48,7 @@ Upgrade to phpMyAdmin 2.11.9.2 or newer.
<py:def function="announcement_cve">CVE-2008-4326</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2008-9 b/templates/security/PMASA-2008-9
index 509fe2b..b3040c1 100644
--- a/templates/security/PMASA-2008-9
+++ b/templates/security/PMASA-2008-9
@@ -39,5 +39,7 @@ Upgrade to phpMyAdmin 2.11.9.3 or 3.0.1.1.
<py:def function="announcement_cve">CVE-2008-4775</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2009-1 b/templates/security/PMASA-2009-1
index d60b3ae..205ee0b 100644
--- a/templates/security/PMASA-2009-1
+++ b/templates/security/PMASA-2009-1
@@ -44,5 +44,7 @@ have discovered this issue and reported it to us.
<py:def function="announcement_cve">CVE-2009-1148
CVE-2009-1149</py:def>
+<py:def function="announcement_cwe">661 113</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2009-2 b/templates/security/PMASA-2009-2
index 32febaa..fcc61dc 100644
--- a/templates/security/PMASA-2009-2
+++ b/templates/security/PMASA-2009-2
@@ -45,5 +45,7 @@ have discovered this issue and reported it to us.
<py:def function="announcement_cve">CVE-2009-1150</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2009-3 b/templates/security/PMASA-2009-3
index 218cb14..63018e0 100644
--- a/templates/security/PMASA-2009-3
+++ b/templates/security/PMASA-2009-3
@@ -50,5 +50,7 @@ Thanks to Greg Ose (Neohapsis), who has discovered this issue and
reported it to
<py:def function="announcement_cve">CVE-2009-1151</py:def>
+<py:def function="announcement_cwe">661 116</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2009-4 b/templates/security/PMASA-2009-4
index 4d19f31..c519cd1 100644
--- a/templates/security/PMASA-2009-4
+++ b/templates/security/PMASA-2009-4
@@ -57,5 +57,7 @@ issue and reported it to us.
<py:def function="announcement_cve">CVE-2009-1285</py:def>
+<py:def function="announcement_cwe">661 116</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2009-5 b/templates/security/PMASA-2009-5
index e3e8389..758175e 100644
--- a/templates/security/PMASA-2009-5
+++ b/templates/security/PMASA-2009-5
@@ -45,5 +45,7 @@ We wish to thank Sven Vetsch/Disenchant for informing us in a
responsible manner
<py:def function="announcement_cve">CVE-2009-2284</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2009-6 b/templates/security/PMASA-2009-6
index b6efd2a..f88b89f 100644
--- a/templates/security/PMASA-2009-6
+++ b/templates/security/PMASA-2009-6
@@ -47,5 +47,7 @@ We wish to thank Quintin Russ for informing us in a responsible manner.
<py:def function="announcement_cve">CVE-2009-3696
CVE-2009-3697</py:def>
+<py:def function="announcement_cwe">661 79 89</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2010-1 b/templates/security/PMASA-2010-1
index 26855fd..3901232 100644
--- a/templates/security/PMASA-2010-1
+++ b/templates/security/PMASA-2010-1
@@ -48,5 +48,7 @@ We wish to thank to Thijs Kinkhorst for pointing out this issue.
<py:def function="announcement_cve">CVE-2008-7251</py:def>
+<py:def function="announcement_cwe">661 376</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2010-2 b/templates/security/PMASA-2010-2
index 4ebc05f..4bc472b 100644
--- a/templates/security/PMASA-2010-2
+++ b/templates/security/PMASA-2010-2
@@ -47,5 +47,7 @@ We wish to thank to Thijs Kinkhorst for pointing out this issue.
<py:def function="announcement_cve">CVE-2008-7252</py:def>
+<py:def function="announcement_cwe">661 376</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2010-3 b/templates/security/PMASA-2010-3
index d973f99..8b816db 100644
--- a/templates/security/PMASA-2010-3
+++ b/templates/security/PMASA-2010-3
@@ -52,5 +52,7 @@ We wish to thank to Thomas Biege and Sebastian Krahmer for pointing out
this iss
<py:def function="announcement_cve">CVE-2009-4605</py:def>
+<py:def function="announcement_cwe">661 352</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2010-4 b/templates/security/PMASA-2010-4
index 0dd4a22..337bba1 100644
--- a/templates/security/PMASA-2010-4
+++ b/templates/security/PMASA-2010-4
@@ -56,5 +56,7 @@ bug</a> for more details.
<py:def function="announcement_cve">CVE-2010-3055</py:def>
+<py:def function="announcement_cwe">661 116</py:def>
+
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2010-5 b/templates/security/PMASA-2010-5
index cb7b2bb..463012d 100644
--- a/templates/security/PMASA-2010-5
+++ b/templates/security/PMASA-2010-5
@@ -45,6 +45,8 @@ and discovered more issues which are fixed as well.
<py:def function="announcement_cve">CVE-2010-3056</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<py:def function="announcement_commits">
48e909660032ddcbc13172830761e363e7a64d72
be0f47a93141e2950ad400b8d22a2a98512825c2
diff --git a/templates/security/PMASA-2010-6 b/templates/security/PMASA-2010-6
index 6db9c7e..8309aa5 100644
--- a/templates/security/PMASA-2010-6
+++ b/templates/security/PMASA-2010-6
@@ -45,6 +45,8 @@ Myanmar</a> for reporting this issue.
<py:def function="announcement_cve">CVE-2010-2958</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<py:def function="announcement_commits">
133a77fac7d31a38703db2099a90c1b49de62e37
</py:def>
diff --git a/templates/security/PMASA-2010-7 b/templates/security/PMASA-2010-7
index 105dcf5..ee3bda0 100644
--- a/templates/security/PMASA-2010-7
+++ b/templates/security/PMASA-2010-7
@@ -38,6 +38,8 @@ Thanks to <a
href="http://tenable.com/">Tenable Network
Security</a> for reporti
<py:def function="announcement_cve">CVE-2010-3263</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<py:def function="announcement_commits">
73ce5705bd1e0b62060f75702d62f88247ce09dd
</py:def>
diff --git a/templates/security/PMASA-2010-8 b/templates/security/PMASA-2010-8
index 29bd1a1..3e8e52d 100644
--- a/templates/security/PMASA-2010-8
+++ b/templates/security/PMASA-2010-8
@@ -34,8 +34,13 @@ Thanks to Alexander Opitz for reporting this issue.
<py:def function="announcement_cve">CVE-2010-4329</py:def>
+<py:def function="announcement_cwe">661 79</py:def>
+
<py:def function="announcement_commits">
4341818d73d454451f024950a4ce0141608ac7f8
+</py:def>
+
+<py:def function="announcement_commits_2_11">
e1f4901ffc400b6d2df15eac0ba5015fe48a27c4
</py:def>
diff --git a/templates/security/_PMASA_ b/templates/security/_PMASA_
index 4995066..3924d36 100644
--- a/templates/security/_PMASA_
+++ b/templates/security/_PMASA_
@@ -53,6 +53,12 @@ Upgrade to phpMyAdmin ???? or newer or apply patch listed below.
<!--! CVE ID of the report, this is automatically added to references -->
<py:def function="announcement_cve">CVE-201x-xxxx</py:def>
+<!--! CWE IDs of the problem, CWE provides categorisation of the problems,
+661 is "Weaknesses in Software Written in PHP"
+See
http://nvd.nist.gov/cwe.cfm for more information
+-->
+<py:def function="announcement_cwe">661</py:def>
+
<!--! Links to SVN or tracker, do not forget to escape & to & -->
<py:def function="announcement_patches">
</py:def>
diff --git a/templates/security/_page.tpl b/templates/security/_page.tpl
index 8cb3ff3..3bb7cf4 100644
--- a/templates/security/_page.tpl
+++ b/templates/security/_page.tpl
@@ -41,7 +41,7 @@
<h3>Solution</h3>
<p>${announcement_solution()}</p>
- <py:if test="defined('announcement_references') or
defined('announcement_cve')">
+ <py:if test="defined('announcement_references') or
defined('announcement_cve') or defined('announcement_cwe')">
<h3>References</h3>
<p
py:if="defined('announcement_references')">${announcement_references()}</p>
<p py:if="defined('announcement_cve')">
@@ -52,6 +52,14 @@
<a
href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=${cve}"&g…
</py:for>
</p>
+ <p py:if="defined('announcement_cwe')">
+ CWE ids:
+ <!--! This is a bit ugly expression and there must be better way to do
+ this, but I haven't found it. -->
+ <py:for each="cwe in announcement_cwe().next()[1].split('
')">
+ <a
href="http://cwe.mitre.org/data/definitions/${cwe}.html">CWE-$…
+ </py:for>
+ </p>
</py:if>
<py:if test="defined('announcement_patches') or
defined('announcement_commits') or
defined('announcement_commits_2_11')">
hooks/post-receive
--
phpMyAdmin website