The branch, master has been updated via 1c7cf7ef15bd28bdd37cf02143d0c0d22a15b57c (commit) via f01918a0fe7320471680f9f5c4ad032975a01b28 (commit) from 5be088e904b8a768dd8fe4add3614c0f61190b4d (commit) - Log ----------------------------------------------------------------- commit 1c7cf7ef15bd28bdd37cf02143d0c0d22a15b57c Author: Michal Čihař <mcihar@novell.com> Date: Wed Dec 8 14:36:48 2010 +0100 Add references to CWE ids in security issues. CWE provides categorisation of security issues. commit f01918a0fe7320471680f9f5c4ad032975a01b28 Author: Michal Čihař <mcihar@novell.com> Date: Wed Dec 8 14:28:22 2010 +0100 List separately commits for 2.11 branch. ----------------------------------------------------------------------- Summary of changes: templates/security/PMASA-2003-1 | 2 ++ templates/security/PMASA-2004-1 | 2 ++ templates/security/PMASA-2004-2 | 2 ++ templates/security/PMASA-2004-3 | 1 + templates/security/PMASA-2004-4 | 2 ++ templates/security/PMASA-2005-1 | 1 + templates/security/PMASA-2005-2 | 2 ++ templates/security/PMASA-2005-3 | 2 ++ templates/security/PMASA-2005-4 | 1 + templates/security/PMASA-2005-5 | 1 + templates/security/PMASA-2005-6 | 2 ++ templates/security/PMASA-2005-7 | 2 ++ templates/security/PMASA-2005-8 | 1 + templates/security/PMASA-2005-9 | 2 ++ templates/security/PMASA-2006-1 | 2 ++ templates/security/PMASA-2006-2 | 2 +- templates/security/PMASA-2006-3 | 1 + templates/security/PMASA-2006-4 | 2 ++ templates/security/PMASA-2006-5 | 1 + templates/security/PMASA-2006-6 | 1 + templates/security/PMASA-2006-7 | 2 ++ templates/security/PMASA-2006-8 | 2 ++ templates/security/PMASA-2006-9 | 2 ++ templates/security/PMASA-2007-1 | 2 ++ templates/security/PMASA-2007-2 | 2 ++ templates/security/PMASA-2007-3 | 1 + templates/security/PMASA-2007-4 | 1 + templates/security/PMASA-2007-5 | 1 + templates/security/PMASA-2007-6 | 1 + templates/security/PMASA-2007-7 | 2 ++ templates/security/PMASA-2007-8 | 2 ++ templates/security/PMASA-2008-1 | 1 + templates/security/PMASA-2008-10 | 2 ++ templates/security/PMASA-2008-2 | 1 + templates/security/PMASA-2008-3 | 1 + templates/security/PMASA-2008-4 | 2 ++ templates/security/PMASA-2008-5 | 1 + templates/security/PMASA-2008-6 | 1 + templates/security/PMASA-2008-7 | 2 ++ templates/security/PMASA-2008-8 | 2 ++ templates/security/PMASA-2008-9 | 2 ++ templates/security/PMASA-2009-1 | 2 ++ templates/security/PMASA-2009-2 | 2 ++ templates/security/PMASA-2009-3 | 2 ++ templates/security/PMASA-2009-4 | 2 ++ templates/security/PMASA-2009-5 | 2 ++ templates/security/PMASA-2009-6 | 2 ++ templates/security/PMASA-2010-1 | 2 ++ templates/security/PMASA-2010-2 | 2 ++ templates/security/PMASA-2010-3 | 2 ++ templates/security/PMASA-2010-4 | 2 ++ templates/security/PMASA-2010-5 | 2 ++ templates/security/PMASA-2010-6 | 2 ++ templates/security/PMASA-2010-7 | 2 ++ templates/security/PMASA-2010-8 | 5 +++++ templates/security/_PMASA_ | 6 ++++++ templates/security/_page.tpl | 10 +++++++++- 57 files changed, 110 insertions(+), 2 deletions(-) diff --git a/templates/security/PMASA-2003-1 b/templates/security/PMASA-2003-1 index 7f1f8da..ae9e8f1 100644 --- a/templates/security/PMASA-2003-1 +++ b/templates/security/PMASA-2003-1 @@ -66,5 +66,7 @@ version of phpMyAdmin, which is to be released soon. http://www.securityfocus.com/archive/1/325641</a> </py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2004-1 b/templates/security/PMASA-2004-1 index af30af9..57336af 100644 --- a/templates/security/PMASA-2004-1 +++ b/templates/security/PMASA-2004-1 @@ -63,5 +63,7 @@ http://www.securityfocus.com/archive/1/367486</a> <py:def function="announcement_cve">CVE-2004-2631</py:def> +<py:def function="announcement_cwe">661 94</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2004-2 b/templates/security/PMASA-2004-2 index 6736d17..f342c33 100644 --- a/templates/security/PMASA-2004-2 +++ b/templates/security/PMASA-2004-2 @@ -64,5 +64,7 @@ released soon. <py:def function="announcement_cve">CVE-2004-2630</py:def> +<py:def function="announcement_cwe">661 94</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2004-3 b/templates/security/PMASA-2004-3 index 21c7ed0..fc7e27e 100644 --- a/templates/security/PMASA-2004-3 +++ b/templates/security/PMASA-2004-3 @@ -68,6 +68,7 @@ http://www.netvigilance.com/html/advisory0005.htm</a> <py:def function="announcement_cve">CVE-2004-1055</py:def> +<py:def function="announcement_cwe">661 79</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2004-4 b/templates/security/PMASA-2004-4 index cf50469..f2720f2 100644 --- a/templates/security/PMASA-2004-4 +++ b/templates/security/PMASA-2004-4 @@ -64,5 +64,7 @@ http://www.exaprobe.com/labs/advisories/esa-2004-1213.html</a> <py:def function="announcement_cve">CVE-2004-1148</py:def> +<py:def function="announcement_cwe">661 94</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2005-1 b/templates/security/PMASA-2005-1 index 473b7f7..a87c15d 100644 --- a/templates/security/PMASA-2005-1 +++ b/templates/security/PMASA-2005-1 @@ -63,6 +63,7 @@ href="http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&g <py:def function="announcement_cve">CVE-2005-0567</py:def> +<py:def function="announcement_cwe">661 79 94</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2005-2 b/templates/security/PMASA-2005-2 index 48d8d54..97caf47 100644 --- a/templates/security/PMASA-2005-2 +++ b/templates/security/PMASA-2005-2 @@ -52,5 +52,7 @@ How to apply the directive to a specific directory:<br /> <py:def function="announcement_cve">CVE-2005-0544</py:def> +<py:def function="announcement_cwe">661 200</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2005-3 b/templates/security/PMASA-2005-3 index 43b514a..0da63be 100644 --- a/templates/security/PMASA-2005-3 +++ b/templates/security/PMASA-2005-3 @@ -42,5 +42,7 @@ http://www.arrelnet.com/advisories/adv20050403.html</a> <py:def function="announcement_cve">CVE-2005-0992</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2005-4 b/templates/security/PMASA-2005-4 index 0627fc3..21a4e3c 100644 --- a/templates/security/PMASA-2005-4 +++ b/templates/security/PMASA-2005-4 @@ -36,6 +36,7 @@ Upgrade to phpMyAdmin 2.6.4-pl2 or newer. <py:def function="announcement_cve">CVE-2005-3299</py:def> +<py:def function="announcement_cwe">661 98</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2005-5 b/templates/security/PMASA-2005-5 index c1becee..ade5ae4 100644 --- a/templates/security/PMASA-2005-5 +++ b/templates/security/PMASA-2005-5 @@ -53,6 +53,7 @@ For (1): <a href="http://www.hardened-php.net/advisory_162005.73.html">http://ww For (2): <a href="http://www.trapkit.de/advisories/TKADV2005-10-001.txt">http://www.trapkit.de/advisories/TKADV2005-10-001.txt</a> </py:def> +<py:def function="announcement_cwe">661 98 79</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2005-6 b/templates/security/PMASA-2005-6 index 1fd9abd..dc22fc7 100644 --- a/templates/security/PMASA-2005-6 +++ b/templates/security/PMASA-2005-6 @@ -36,5 +36,7 @@ Upgrade to phpMyAdmin 2.6.4-pl4. <py:def function="announcement_cve">CVE-2005-3621</py:def> +<py:def function="announcement_cwe">661 113</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2005-7 b/templates/security/PMASA-2005-7 index a707170..842f14d 100644 --- a/templates/security/PMASA-2005-7 +++ b/templates/security/PMASA-2005-7 @@ -36,5 +36,7 @@ Upgrade to phpMyAdmin 2.6.4-pl4. <py:def function="announcement_cve">CVE-2005-3787</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2005-8 b/templates/security/PMASA-2005-8 index afc3f69..d35fc79 100644 --- a/templates/security/PMASA-2005-8 +++ b/templates/security/PMASA-2005-8 @@ -35,6 +35,7 @@ We did not make an extensive verification on this. Probably all previous version Upgrade to phpMyAdmin 2.7.0. </py:def> +<py:def function="announcement_cwe">661 79</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2005-9 b/templates/security/PMASA-2005-9 index 8df7c0d..5316938 100644 --- a/templates/security/PMASA-2005-9 +++ b/templates/security/PMASA-2005-9 @@ -43,5 +43,7 @@ Upgrade to phpMyAdmin 2.7.0-pl1 or newer. <py:def function="announcement_cve">CVE-2005-4079</py:def> +<py:def function="announcement_cwe">661 79 98 94</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2006-1 b/templates/security/PMASA-2006-1 index 24471b9..a259641 100644 --- a/templates/security/PMASA-2006-1 +++ b/templates/security/PMASA-2006-1 @@ -33,5 +33,7 @@ Upgrade to phpMyAdmin 2.8.0.3 for the fixes in the two included themes. New vers <py:def function="announcement_cve">CVE-2006-1678</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2006-2 b/templates/security/PMASA-2006-2 index 8b34105..d0413ee 100644 --- a/templates/security/PMASA-2006-2 +++ b/templates/security/PMASA-2006-2 @@ -42,7 +42,7 @@ We wish to thank Sven Vetsch/Disenchant for informing us in a responsible manner <py:def function="announcement_cve">CVE-2006-2031</py:def> - +<py:def function="announcement_cwe">661 79</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2006-3 b/templates/security/PMASA-2006-3 index a447f95..c36f11d 100644 --- a/templates/security/PMASA-2006-3 +++ b/templates/security/PMASA-2006-3 @@ -38,6 +38,7 @@ Upgrade to phpMyAdmin 2.8.1. <py:def function="announcement_cve">CVE-2006-1804</py:def> +<py:def function="announcement_cwe">661 352</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2006-4 b/templates/security/PMASA-2006-4 index 083ab4f..f567ad1 100644 --- a/templates/security/PMASA-2006-4 +++ b/templates/security/PMASA-2006-4 @@ -41,5 +41,7 @@ We wish to thank bug@securitynews.ir for informing us in a responsible manner. T <py:def function="announcement_cve">CVE-2006-3388</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2006-5 b/templates/security/PMASA-2006-5 index d23d6d6..3577236 100644 --- a/templates/security/PMASA-2006-5 +++ b/templates/security/PMASA-2006-5 @@ -36,6 +36,7 @@ Upgrade to phpMyAdmin 2.9.0.1 or newer. <py:def function="announcement_cve">CVE-2006-5116</py:def> +<py:def function="announcement_cwe">661 352</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2006-6 b/templates/security/PMASA-2006-6 index 57395dc..e4db109 100644 --- a/templates/security/PMASA-2006-6 +++ b/templates/security/PMASA-2006-6 @@ -35,6 +35,7 @@ Upgrade to phpMyAdmin 2.9.0.3 or newer. <py:def function="announcement_cve">CVE-2006-5718</py:def> +<py:def function="announcement_cwe">661 79</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2006-7 b/templates/security/PMASA-2006-7 index 70ec062..fec9550 100644 --- a/templates/security/PMASA-2006-7 +++ b/templates/security/PMASA-2006-7 @@ -35,5 +35,7 @@ Upgrade to phpMyAdmin 2.9.1.1 or newer. <py:def function="announcement_cve">CVE-2006-6942</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2006-8 b/templates/security/PMASA-2006-8 index 0aafd1f..567144e 100644 --- a/templates/security/PMASA-2006-8 +++ b/templates/security/PMASA-2006-8 @@ -35,5 +35,7 @@ Upgrade to phpMyAdmin 2.9.1.1 or newer. <py:def function="announcement_cve">CVE-2006-6374</py:def> +<py:def function="announcement_cwe">661 200</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2006-9 b/templates/security/PMASA-2006-9 index c2d2414..8e4b6c0 100644 --- a/templates/security/PMASA-2006-9 +++ b/templates/security/PMASA-2006-9 @@ -37,5 +37,7 @@ Upgrade to phpMyAdmin 2.9.1.1 or newer. <py:def function="announcement_cve">CVE-2006-6944</py:def> +<py:def function="announcement_cwe">661 264</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2007-1 b/templates/security/PMASA-2007-1 index 71d47d9..215ebbc 100644 --- a/templates/security/PMASA-2007-1 +++ b/templates/security/PMASA-2007-1 @@ -41,5 +41,7 @@ Upgrade to phpMyAdmin 2.9.2 or newer. <py:def function="announcement_cve">CVE-2006-6374</py:def> +<py:def function="announcement_cwe">661 113</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2007-2 b/templates/security/PMASA-2007-2 index bd84e47..f57d07b 100644 --- a/templates/security/PMASA-2007-2 +++ b/templates/security/PMASA-2007-2 @@ -35,5 +35,7 @@ Upgrade to phpMyAdmin 2.9.2 or newer. <py:def function="announcement_cve">CVE-2007-1395</py:def> +<py:def function="announcement_cwe">661 79 200</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2007-3 b/templates/security/PMASA-2007-3 index ebd6e24..1f135fd 100644 --- a/templates/security/PMASA-2007-3 +++ b/templates/security/PMASA-2007-3 @@ -46,6 +46,7 @@ Patches are available in this tracker: <a href="http://sourceforge.net/tracker/i <py:def function="announcement_cve">CVE-2007-1325</py:def> +<py:def function="announcement_cwe">661 674</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2007-4 b/templates/security/PMASA-2007-4 index bb0bf94..c13b808 100644 --- a/templates/security/PMASA-2007-4 +++ b/templates/security/PMASA-2007-4 @@ -40,6 +40,7 @@ Upgrade to phpMyAdmin 2.10.1 or newer. <py:def function="announcement_cve">CVE-2007-2245</py:def> +<py:def function="announcement_cwe">661 79</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2007-5 b/templates/security/PMASA-2007-5 index 899e7da..131f765 100644 --- a/templates/security/PMASA-2007-5 +++ b/templates/security/PMASA-2007-5 @@ -50,6 +50,7 @@ Patches are available in this tracker: <a href="https://sourceforge.net/tracker/index.php?func=detail&aid=1810629&group_id=23067&atid=377408">https://sourceforge.net/tracker/index.php?func=detail&aid=1810629&group_id=23067&atid=377408</a> </py:def> +<py:def function="announcement_cwe">661 79</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2007-6 b/templates/security/PMASA-2007-6 index f7748d4..73f905c 100644 --- a/templates/security/PMASA-2007-6 +++ b/templates/security/PMASA-2007-6 @@ -55,6 +55,7 @@ Patches are referenced here: <a href="http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=10796">http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=10796</a> </py:def> +<py:def function="announcement_cwe">661 79</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2007-7 b/templates/security/PMASA-2007-7 index 93d8db5..a19d024 100644 --- a/templates/security/PMASA-2007-7 +++ b/templates/security/PMASA-2007-7 @@ -52,5 +52,7 @@ The patch is attached to: <py:def function="announcement_cve">CVE-2007-5977</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2007-8 b/templates/security/PMASA-2007-8 index 4b846af..3dffb1c 100644 --- a/templates/security/PMASA-2007-8 +++ b/templates/security/PMASA-2007-8 @@ -48,5 +48,7 @@ href="http://sourceforge.net/tracker/index.php?func=detail&aid=1835123&g <py:def function="announcement_cve">CVE-2007-6100</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2008-1 b/templates/security/PMASA-2008-1 index 1e2f4af..0d875e3 100644 --- a/templates/security/PMASA-2008-1 +++ b/templates/security/PMASA-2008-1 @@ -60,6 +60,7 @@ href="http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/p <py:def function="announcement_cve">CVE-2008-1149</py:def> +<py:def function="announcement_cwe">661 89</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2008-10 b/templates/security/PMASA-2008-10 index 037b001..9d4573f 100644 --- a/templates/security/PMASA-2008-10 +++ b/templates/security/PMASA-2008-10 @@ -45,5 +45,7 @@ Advisory: <a href="http://www.milw0rm.com/exploits/7382">http://www.milw0rm.com/ <py:def function="announcement_cve">CVE-2008-5621 CVE-2008-5622</py:def> +<py:def function="announcement_cwe">661 89</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2008-2 b/templates/security/PMASA-2008-2 index 9dd4b87..140167c 100644 --- a/templates/security/PMASA-2008-2 +++ b/templates/security/PMASA-2008-2 @@ -39,6 +39,7 @@ Upgrade to phpMyAdmin 2.11.5.1 or newer. <py:def function="announcement_cve">CVE-2008-1567</py:def> +<py:def function="announcement_cwe">661 522</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2008-3 b/templates/security/PMASA-2008-3 index 5d57ac2..f450eed 100644 --- a/templates/security/PMASA-2008-3 +++ b/templates/security/PMASA-2008-3 @@ -53,6 +53,7 @@ Upgrade to phpMyAdmin 2.11.5.2 or newer. <a href="http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11211">Revision 11211</a><br /> </py:def> +<py:def function="announcement_cwe">661 522</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2008-4 b/templates/security/PMASA-2008-4 index 30c3859..dd8c125 100644 --- a/templates/security/PMASA-2008-4 +++ b/templates/security/PMASA-2008-4 @@ -45,5 +45,7 @@ Upgrade to phpMyAdmin 2.11.7 or newer. <py:def function="announcement_cve">CVE-2008-2960</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2008-5 b/templates/security/PMASA-2008-5 index fe99724..f86f79e 100644 --- a/templates/security/PMASA-2008-5 +++ b/templates/security/PMASA-2008-5 @@ -54,6 +54,7 @@ These advisories are available from the reporter:<br /> <py:def function="announcement_cve">CVE-2008-3197</py:def> +<py:def function="announcement_cwe">661 352</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2008-6 b/templates/security/PMASA-2008-6 index ae1de76..b021288 100644 --- a/templates/security/PMASA-2008-6 +++ b/templates/security/PMASA-2008-6 @@ -43,6 +43,7 @@ These advisories are available from the reporter:<br /> <py:def function="announcement_cve">CVE-2008-3457</py:def> +<py:def function="announcement_cwe">661 79</py:def> <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2008-7 b/templates/security/PMASA-2008-7 index 6bf2f9d..71b26f1 100644 --- a/templates/security/PMASA-2008-7 +++ b/templates/security/PMASA-2008-7 @@ -43,5 +43,7 @@ Upgrade to phpMyAdmin 2.11.9.1 or newer. <py:def function="announcement_cve">CVE-2008-4096</py:def> +<py:def function="announcement_cwe">661 94</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2008-8 b/templates/security/PMASA-2008-8 index a5bda7a..f57cb1c 100644 --- a/templates/security/PMASA-2008-8 +++ b/templates/security/PMASA-2008-8 @@ -48,5 +48,7 @@ Upgrade to phpMyAdmin 2.11.9.2 or newer. <py:def function="announcement_cve">CVE-2008-4326</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2008-9 b/templates/security/PMASA-2008-9 index 509fe2b..b3040c1 100644 --- a/templates/security/PMASA-2008-9 +++ b/templates/security/PMASA-2008-9 @@ -39,5 +39,7 @@ Upgrade to phpMyAdmin 2.11.9.3 or 3.0.1.1. <py:def function="announcement_cve">CVE-2008-4775</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2009-1 b/templates/security/PMASA-2009-1 index d60b3ae..205ee0b 100644 --- a/templates/security/PMASA-2009-1 +++ b/templates/security/PMASA-2009-1 @@ -44,5 +44,7 @@ have discovered this issue and reported it to us. <py:def function="announcement_cve">CVE-2009-1148 CVE-2009-1149</py:def> +<py:def function="announcement_cwe">661 113</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2009-2 b/templates/security/PMASA-2009-2 index 32febaa..fcc61dc 100644 --- a/templates/security/PMASA-2009-2 +++ b/templates/security/PMASA-2009-2 @@ -45,5 +45,7 @@ have discovered this issue and reported it to us. <py:def function="announcement_cve">CVE-2009-1150</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2009-3 b/templates/security/PMASA-2009-3 index 218cb14..63018e0 100644 --- a/templates/security/PMASA-2009-3 +++ b/templates/security/PMASA-2009-3 @@ -50,5 +50,7 @@ Thanks to Greg Ose (Neohapsis), who has discovered this issue and reported it to <py:def function="announcement_cve">CVE-2009-1151</py:def> +<py:def function="announcement_cwe">661 116</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2009-4 b/templates/security/PMASA-2009-4 index 4d19f31..c519cd1 100644 --- a/templates/security/PMASA-2009-4 +++ b/templates/security/PMASA-2009-4 @@ -57,5 +57,7 @@ issue and reported it to us. <py:def function="announcement_cve">CVE-2009-1285</py:def> +<py:def function="announcement_cwe">661 116</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2009-5 b/templates/security/PMASA-2009-5 index e3e8389..758175e 100644 --- a/templates/security/PMASA-2009-5 +++ b/templates/security/PMASA-2009-5 @@ -45,5 +45,7 @@ We wish to thank Sven Vetsch/Disenchant for informing us in a responsible manner <py:def function="announcement_cve">CVE-2009-2284</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2009-6 b/templates/security/PMASA-2009-6 index b6efd2a..f88b89f 100644 --- a/templates/security/PMASA-2009-6 +++ b/templates/security/PMASA-2009-6 @@ -47,5 +47,7 @@ We wish to thank Quintin Russ for informing us in a responsible manner. <py:def function="announcement_cve">CVE-2009-3696 CVE-2009-3697</py:def> +<py:def function="announcement_cwe">661 79 89</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2010-1 b/templates/security/PMASA-2010-1 index 26855fd..3901232 100644 --- a/templates/security/PMASA-2010-1 +++ b/templates/security/PMASA-2010-1 @@ -48,5 +48,7 @@ We wish to thank to Thijs Kinkhorst for pointing out this issue. <py:def function="announcement_cve">CVE-2008-7251</py:def> +<py:def function="announcement_cwe">661 376</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2010-2 b/templates/security/PMASA-2010-2 index 4ebc05f..4bc472b 100644 --- a/templates/security/PMASA-2010-2 +++ b/templates/security/PMASA-2010-2 @@ -47,5 +47,7 @@ We wish to thank to Thijs Kinkhorst for pointing out this issue. <py:def function="announcement_cve">CVE-2008-7252</py:def> +<py:def function="announcement_cwe">661 376</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2010-3 b/templates/security/PMASA-2010-3 index d973f99..8b816db 100644 --- a/templates/security/PMASA-2010-3 +++ b/templates/security/PMASA-2010-3 @@ -52,5 +52,7 @@ We wish to thank to Thomas Biege and Sebastian Krahmer for pointing out this iss <py:def function="announcement_cve">CVE-2009-4605</py:def> +<py:def function="announcement_cwe">661 352</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2010-4 b/templates/security/PMASA-2010-4 index 0dd4a22..337bba1 100644 --- a/templates/security/PMASA-2010-4 +++ b/templates/security/PMASA-2010-4 @@ -56,5 +56,7 @@ bug</a> for more details. <py:def function="announcement_cve">CVE-2010-3055</py:def> +<py:def function="announcement_cwe">661 116</py:def> + <xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2010-5 b/templates/security/PMASA-2010-5 index cb7b2bb..463012d 100644 --- a/templates/security/PMASA-2010-5 +++ b/templates/security/PMASA-2010-5 @@ -45,6 +45,8 @@ and discovered more issues which are fixed as well. <py:def function="announcement_cve">CVE-2010-3056</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <py:def function="announcement_commits"> 48e909660032ddcbc13172830761e363e7a64d72 be0f47a93141e2950ad400b8d22a2a98512825c2 diff --git a/templates/security/PMASA-2010-6 b/templates/security/PMASA-2010-6 index 6db9c7e..8309aa5 100644 --- a/templates/security/PMASA-2010-6 +++ b/templates/security/PMASA-2010-6 @@ -45,6 +45,8 @@ Myanmar</a> for reporting this issue. <py:def function="announcement_cve">CVE-2010-2958</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <py:def function="announcement_commits"> 133a77fac7d31a38703db2099a90c1b49de62e37 </py:def> diff --git a/templates/security/PMASA-2010-7 b/templates/security/PMASA-2010-7 index 105dcf5..ee3bda0 100644 --- a/templates/security/PMASA-2010-7 +++ b/templates/security/PMASA-2010-7 @@ -38,6 +38,8 @@ Thanks to <a href="http://tenable.com/">Tenable Network Security</a> for reporti <py:def function="announcement_cve">CVE-2010-3263</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <py:def function="announcement_commits"> 73ce5705bd1e0b62060f75702d62f88247ce09dd </py:def> diff --git a/templates/security/PMASA-2010-8 b/templates/security/PMASA-2010-8 index 29bd1a1..3e8e52d 100644 --- a/templates/security/PMASA-2010-8 +++ b/templates/security/PMASA-2010-8 @@ -34,8 +34,13 @@ Thanks to Alexander Opitz for reporting this issue. <py:def function="announcement_cve">CVE-2010-4329</py:def> +<py:def function="announcement_cwe">661 79</py:def> + <py:def function="announcement_commits"> 4341818d73d454451f024950a4ce0141608ac7f8 +</py:def> + +<py:def function="announcement_commits_2_11"> e1f4901ffc400b6d2df15eac0ba5015fe48a27c4 </py:def> diff --git a/templates/security/_PMASA_ b/templates/security/_PMASA_ index 4995066..3924d36 100644 --- a/templates/security/_PMASA_ +++ b/templates/security/_PMASA_ @@ -53,6 +53,12 @@ Upgrade to phpMyAdmin ???? or newer or apply patch listed below. <!--! CVE ID of the report, this is automatically added to references --> <py:def function="announcement_cve">CVE-201x-xxxx</py:def> +<!--! CWE IDs of the problem, CWE provides categorisation of the problems, +661 is "Weaknesses in Software Written in PHP" +See http://nvd.nist.gov/cwe.cfm for more information +--> +<py:def function="announcement_cwe">661</py:def> + <!--! Links to SVN or tracker, do not forget to escape & to & --> <py:def function="announcement_patches"> </py:def> diff --git a/templates/security/_page.tpl b/templates/security/_page.tpl index 8cb3ff3..3bb7cf4 100644 --- a/templates/security/_page.tpl +++ b/templates/security/_page.tpl @@ -41,7 +41,7 @@ <h3>Solution</h3> <p>${announcement_solution()}</p> - <py:if test="defined('announcement_references') or defined('announcement_cve')"> + <py:if test="defined('announcement_references') or defined('announcement_cve') or defined('announcement_cwe')"> <h3>References</h3> <p py:if="defined('announcement_references')">${announcement_references()}</p> <p py:if="defined('announcement_cve')"> @@ -52,6 +52,14 @@ <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=${cve}">${cve}</a> </py:for> </p> + <p py:if="defined('announcement_cwe')"> + CWE ids: + <!--! This is a bit ugly expression and there must be better way to do + this, but I haven't found it. --> + <py:for each="cwe in announcement_cwe().next()[1].split(' ')"> + <a href="http://cwe.mitre.org/data/definitions/${cwe}.html">CWE-${cwe}</a> + </py:for> + </p> </py:if> <py:if test="defined('announcement_patches') or defined('announcement_commits') or defined('announcement_commits_2_11')"> hooks/post-receive -- phpMyAdmin website