merge old multidetections and update joomla,bugzilla,drupal,typo3,mantis,phpmyadmin (8ec7d79)

merge old multidetections and update joomla,bugzilla,drupal,typo3,mantis,phpmyadmin

Hanno Böck commited on 2019-12-12 09:10:29
Zeige 2 geänderte Dateien mit 43 Einfügungen und 96 Löschungen.

freewvsdb/cms.json c2aebba..cd4dc80
freewvsdb/misc.json 6a547a3..f9984d2

freewvsdb/cms.json

@@ -41,45 +41,30 @@
     ]
   },
   {
-    "name": "Drupal6",
+    "name": "Drupal",
     "url": "https://www.drupal.org/",
-    "safe": "7.67",
-    "vuln": "https://www.drupal.org/sa-core-2019-007",
+    "safe": "8.7.4",
+    "old_safe": "8.6.16,7.67",
+    "vuln": "CVE-2019-6342",
     "latest": "7.67",
     "detection": [
       {
         "file": "system.module",
         "variable": "define('VERSION'",
-        "subdir": 2
-      }
-    ]
+        "subdir": 2,
+        "note": "6.x and older"
       },
-  {
-    "name": "Drupal7",
-    "url": "https://www.drupal.org/",
-    "safe": "7.67",
-    "vuln": "https://www.drupal.org/sa-core-2019-007",
-    "latest": "7.67",
-    "detection": [
       {
         "file": "bootstrap.inc",
         "variable": "define('VERSION'",
-        "subdir": 1
-      }
-    ]
+        "subdir": 1,
+        "note": "7.x"
       },
-  {
-    "name": "Drupal8",
-    "url": "https://www.drupal.org/",
-    "safe": "8.7.1",
-    "old_safe": "8.6.16",
-    "vuln": "https://www.drupal.org/sa-core-2019-007",
-    "latest": "8.7.1",
-    "detection": [
       {
         "file": "Drupal.php",
         "variable": "const VERSION",
-        "subdir": 2
+        "subdir": 2,
+        "note": "8.x"
       }
     ]
   },
@@ -99,26 +84,18 @@
     ]
   },
   {
-    "name": "Typo3",
+    "name": "TYPO3",
     "url": "https://typo3.org/",
-    "safe": "9.5.6",
-    "old_safe": "8.7.25",
-    "vuln": "https://typo3.org/article/typo3-956-and-8725-security-releases-published/",
+    "safe": "9.5.8",
+    "old_safe": "8.7.27",
+    "vuln": "CVE-2019-12747",
     "detection": [
       {
         "file": "config_default.php",
         "variable": "$TYPO_VERSION",
-        "subdir": 1
-      }
-    ]
+        "subdir": 1,
+        "note": "4.x and older"
       },
-  {
-    "name": "typo3-6",
-    "url": "https://typo3.org/",
-    "safe": "9.5.6",
-    "old_safe": "8.7.25",
-    "vuln": "https://typo3.org/article/typo3-956-and-8725-security-releases-published/",
-    "detection": [
       {
         "file": "SystemEnvironmentBuilder.php",
         "variable": "define('TYPO3_version",
@@ -127,7 +104,7 @@
     ]
   },
   {
-    "name": "Joomla-1",
+    "name": "Joomla",
     "url": "https://www.joomla.org/",
     "safe": "3.9.13",
     "vuln": "CVE-2019-18674",
@@ -136,16 +113,9 @@
         "file": "CHANGELOG.php",
         "variable": "---------------",
         "subdir": 0,
-        "extra_match": "Joomla! is free software."
-      }
-    ]
+        "extra_match": "Joomla! is free software.",
+        "note": "1.5 and older"
       },
-  {
-    "name": "Joomla",
-    "url": "https://www.joomla.org/",
-    "safe": "3.9.13",
-    "vuln": "CVE-2019-18674",
-    "detection": [
       {
         "file": "joomla.xml",
         "variable": "<version>",

freewvsdb/misc.json

Zeige Datei @ 8ec7d79

@@ -1,6 +1,6 @@
 [
   {
-    "name": "phpMyAdmin-veryold",
+    "name": "phpMyAdmin",
     "url": "https://www.phpmyadmin.net/",
     "safe": "4.9.2",
     "vuln": "CVE-2019-18622",
@@ -8,30 +8,16 @@
       {
         "file": "Config.class.php",
         "variable": "PMA_VERSION",
-        "subdir": 1
-      }
-    ]
+        "subdir": 1,
+        "note": "4.5.x and older"
       },
-  {
-    "name": "phpMyAdmin-old",
-    "url": "https://www.phpmyadmin.net/",
-    "safe": "4.9.2",
-    "vuln": "CVE-2019-18622",
-    "detection": [
       {
         "file": "Config.php",
         "variable": "PMA_VERSION",
         "subdir": 1,
-        "extra_match": "namespace PMA\\libraries;"
-      }
-    ]
+        "extra_match": "namespace PMA\\libraries;",
+        "note": "4.6.x/4.7.x"
       },
-  {
-    "name": "phpMyAdmin",
-    "url": "https://www.phpmyadmin.net/",
-    "safe": "4.9.2",
-    "vuln": "CVE-2019-18622",
-    "detection": [
       {
         "file": "Config.php",
         "variable": "PMA_VERSION",
@@ -55,24 +41,16 @@
     ]
   },
   {
-    "name": "Mantis-deprecated",
+    "name": "Mantis",
     "url": "https://mantisbt.org/",
-    "safe": "2.22.1",
-    "vuln": "CVE-2019-15715",
+    "safe": "2.23.0",
+    "vuln": "CVE-2017-18214",
     "detection": [
       {
         "file": "config_defaults_inc.php",
         "variable": "$g_mantis_version",
         "subdir": 0
-      }
-    ]
       },
-  {
-    "name": "Mantis",
-    "url": "https://mantisbt.org/",
-    "safe": "2.22.1",
-    "vuln": "CVE-2019-15715",
-    "detection": [
       {
         "file": "constant_inc.php",
         "variable": "MANTIS_VERSION",
@@ -81,30 +59,29 @@
     ]
   },
   {
-    "name": "Bugzilla3",
+    "name": "Bugzilla",
     "url": "https://www.bugzilla.org/",
-    "safe": "4.4.7",
-    "old_safe": "4.2.12,4.0.16",
-    "vuln": "CVE-2011-2379",
+    "safe": "5.0.4",
+    "old_safe": "4.4.13",
+    "vuln": "CVE-2018-5123",
     "detection": [
       {
-        "file": "Constants.pm",
-        "variable": "BUGZILLA_VERSION",
-        "subdir": 1
-      }
-    ]
+        "file": "globals.pl",
+        "variable": "$::param{'version'}",
+        "subdir": 0,
+        "note": "2.14.x and older"
       },
-  {
-    "name": "Bugzilla2",
-    "url": "https://www.bugzilla.org/",
-    "safe": "4.4.7",
-    "old_safe": "4.2.12,4.0.16",
-    "vuln": "CVE-2011-2379",
-    "detection": [
       {
         "file": "Config.pm",
         "variable": "$Bugzilla::Config::VERSION",
-        "subdir": 1
+        "subdir": 1,
+        "note": "2.16.x - 2.23.x"
+      },
+      {
+        "file": "Constants.pm",
+        "variable": "BUGZILLA_VERSION",
+        "subdir": 1,
+        "note": "3.x and newer"
       }
     ]
   },


...	...	@@ -41,45 +41,30 @@
41	41	]
42	42	},
43	43	{
44		- "name": "Drupal6",
	44	+ "name": "Drupal",
45	45	"url": "https://www.drupal.org/",
46		- "safe": "7.67",
47		- "vuln": "https://www.drupal.org/sa-core-2019-007",
	46	+ "safe": "8.7.4",
	47	+ "old_safe": "8.6.16,7.67",
	48	+ "vuln": "CVE-2019-6342",
48	49	"latest": "7.67",
49	50	"detection": [
50	51	{
51	52	"file": "system.module",
52	53	"variable": "define('VERSION'",
53		- "subdir": 2
54		- }
55		- ]
	54	+ "subdir": 2,
	55	+ "note": "6.x and older"
56	56	},
57		- {
58		- "name": "Drupal7",
59		- "url": "https://www.drupal.org/",
60		- "safe": "7.67",
61		- "vuln": "https://www.drupal.org/sa-core-2019-007",
62		- "latest": "7.67",
63		- "detection": [
64	57	{
65	58	"file": "bootstrap.inc",
66	59	"variable": "define('VERSION'",
67		- "subdir": 1
68		- }
69		- ]
	60	+ "subdir": 1,
	61	+ "note": "7.x"
70	62	},
71		- {
72		- "name": "Drupal8",
73		- "url": "https://www.drupal.org/",
74		- "safe": "8.7.1",
75		- "old_safe": "8.6.16",
76		- "vuln": "https://www.drupal.org/sa-core-2019-007",
77		- "latest": "8.7.1",
78		- "detection": [
79	63	{
80	64	"file": "Drupal.php",
81	65	"variable": "const VERSION",
82		- "subdir": 2
	66	+ "subdir": 2,
	67	+ "note": "8.x"
83	68	}
84	69	]
85	70	},
...	...	@@ -99,26 +84,18 @@
99	84	]
100	85	},
101	86	{
102		- "name": "Typo3",
	87	+ "name": "TYPO3",
103	88	"url": "https://typo3.org/",
104		- "safe": "9.5.6",
105		- "old_safe": "8.7.25",
106		- "vuln": "https://typo3.org/article/typo3-956-and-8725-security-releases-published/",
	89	+ "safe": "9.5.8",
	90	+ "old_safe": "8.7.27",
	91	+ "vuln": "CVE-2019-12747",
107	92	"detection": [
108	93	{
109	94	"file": "config_default.php",
110	95	"variable": "$TYPO_VERSION",
111		- "subdir": 1
112		- }
113		- ]
	96	+ "subdir": 1,
	97	+ "note": "4.x and older"
114	98	},
115		- {
116		- "name": "typo3-6",
117		- "url": "https://typo3.org/",
118		- "safe": "9.5.6",
119		- "old_safe": "8.7.25",
120		- "vuln": "https://typo3.org/article/typo3-956-and-8725-security-releases-published/",
121		- "detection": [
122	99	{
123	100	"file": "SystemEnvironmentBuilder.php",
124	101	"variable": "define('TYPO3_version",
...	...	@@ -127,7 +104,7 @@
127	104	]
128	105	},
129	106	{
130		- "name": "Joomla-1",
	107	+ "name": "Joomla",
131	108	"url": "https://www.joomla.org/",
132	109	"safe": "3.9.13",
133	110	"vuln": "CVE-2019-18674",
...	...	@@ -136,16 +113,9 @@
136	113	"file": "CHANGELOG.php",
137	114	"variable": "---------------",
138	115	"subdir": 0,
139		- "extra_match": "Joomla! is free software."
140		- }
141		- ]
	116	+ "extra_match": "Joomla! is free software.",
	117	+ "note": "1.5 and older"
142	118	},
143		- {
144		- "name": "Joomla",
145		- "url": "https://www.joomla.org/",
146		- "safe": "3.9.13",
147		- "vuln": "CVE-2019-18674",
148		- "detection": [
149	119	{
150	120	"file": "joomla.xml",
151	121	"variable": "<version>",

...	...	@@ -1,6 +1,6 @@
1	1	[
2	2	{
3		- "name": "phpMyAdmin-veryold",
	3	+ "name": "phpMyAdmin",
4	4	"url": "https://www.phpmyadmin.net/",
5	5	"safe": "4.9.2",
6	6	"vuln": "CVE-2019-18622",
...	...	@@ -8,30 +8,16 @@
8	8	{
9	9	"file": "Config.class.php",
10	10	"variable": "PMA_VERSION",
11		- "subdir": 1
12		- }
13		- ]
	11	+ "subdir": 1,
	12	+ "note": "4.5.x and older"
14	13	},
15		- {
16		- "name": "phpMyAdmin-old",
17		- "url": "https://www.phpmyadmin.net/",
18		- "safe": "4.9.2",
19		- "vuln": "CVE-2019-18622",
20		- "detection": [
21	14	{
22	15	"file": "Config.php",
23	16	"variable": "PMA_VERSION",
24	17	"subdir": 1,
25		- "extra_match": "namespace PMA\\libraries;"
26		- }
27		- ]
	18	+ "extra_match": "namespace PMA\\libraries;",
	19	+ "note": "4.6.x/4.7.x"
28	20	},
29		- {
30		- "name": "phpMyAdmin",
31		- "url": "https://www.phpmyadmin.net/",
32		- "safe": "4.9.2",
33		- "vuln": "CVE-2019-18622",
34		- "detection": [
35	21	{
36	22	"file": "Config.php",
37	23	"variable": "PMA_VERSION",
...	...	@@ -55,24 +41,16 @@
55	41	]
56	42	},
57	43	{
58		- "name": "Mantis-deprecated",
	44	+ "name": "Mantis",
59	45	"url": "https://mantisbt.org/",
60		- "safe": "2.22.1",
61		- "vuln": "CVE-2019-15715",
	46	+ "safe": "2.23.0",
	47	+ "vuln": "CVE-2017-18214",
62	48	"detection": [
63	49	{
64	50	"file": "config_defaults_inc.php",
65	51	"variable": "$g_mantis_version",
66	52	"subdir": 0
67		- }
68		- ]
69	53	},
70		- {
71		- "name": "Mantis",
72		- "url": "https://mantisbt.org/",
73		- "safe": "2.22.1",
74		- "vuln": "CVE-2019-15715",
75		- "detection": [
76	54	{
77	55	"file": "constant_inc.php",
78	56	"variable": "MANTIS_VERSION",
...	...	@@ -81,30 +59,29 @@
81	59	]
82	60	},
83	61	{
84		- "name": "Bugzilla3",
	62	+ "name": "Bugzilla",
85	63	"url": "https://www.bugzilla.org/",
86		- "safe": "4.4.7",
87		- "old_safe": "4.2.12,4.0.16",
88		- "vuln": "CVE-2011-2379",
	64	+ "safe": "5.0.4",
	65	+ "old_safe": "4.4.13",
	66	+ "vuln": "CVE-2018-5123",
89	67	"detection": [
90	68	{
91		- "file": "Constants.pm",
92		- "variable": "BUGZILLA_VERSION",
93		- "subdir": 1
94		- }
95		- ]
	69	+ "file": "globals.pl",
	70	+ "variable": "$::param{'version'}",
	71	+ "subdir": 0,
	72	+ "note": "2.14.x and older"
96	73	},
97		- {
98		- "name": "Bugzilla2",
99		- "url": "https://www.bugzilla.org/",
100		- "safe": "4.4.7",
101		- "old_safe": "4.2.12,4.0.16",
102		- "vuln": "CVE-2011-2379",
103		- "detection": [
104	74	{
105	75	"file": "Config.pm",
106	76	"variable": "$Bugzilla::Config::VERSION",
107		- "subdir": 1
	77	+ "subdir": 1,
	78	+ "note": "2.16.x - 2.23.x"
	79	+ },
	80	+ {
	81	+ "file": "Constants.pm",
	82	+ "variable": "BUGZILLA_VERSION",
	83	+ "subdir": 1,
	84	+ "note": "3.x and newer"
108	85	}
109	86	]
110	87	},
111	88

freewvs.git