[Secure-testing-commits] r7451 - data/CVE

[stef-guest at alioth.debian.org]

Author: stef-guest
Date: 2007-12-01 09:41:15 +0000 (Sat, 01 Dec 2007)
New Revision: 7451

Modified:
   data/CVE/list
Log:
bugnum and no-dsa for apache issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-12-01 09:27:04 UTC (rev 7450)
+++ data/CVE/list	2007-12-01 09:41:15 UTC (rev 7451)
@@ -4923,7 +4923,11 @@
 	NOT-FOR-US: snif
 CVE-2007-4465 (Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the ...)
 	- apache <unfixed>
-	- apache2 2.2.6-1
+	- apache2 2.2.6-1 (bug #453783)
+	[sarge] - apache <no-dsa> (browser issue, low impact)
+	[etch] - apache <no-dsa> (browser issue, low impact)
+	[sarge] - apache2 <no-dsa> (browser issue, low impact)
+	[etch] - apache2 <no-dsa> (browser issue, low impact)
 	NOTE: This is really a browser bug, see CVE-2006-5152. But still unfixed in MSIE.
 	NOTE: Etch's default configuration not vulnerable due to AddDefaultCharset,
 	NOTE: but many users change this.