[Secure-testing-commits] r7452 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Sat Dec 1 11:49:58 UTC 2007
Author: nion
Date: 2007-12-01 11:49:58 +0000 (Sat, 01 Dec 2007)
New Revision: 7452
Modified:
data/CVE/list
Log:
rsync got CVE-2007-6200 and CVE-2007-6199
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-12-01 09:41:15 UTC (rev 7451)
+++ data/CVE/list 2007-12-01 11:49:58 UTC (rev 7452)
@@ -1,7 +1,7 @@
CVE-2007-6200 (Unspecified vulnerability in rsync before 3.0.0pre6, when running a ...)
- TODO: check
+ - rsync <unfixed> (low; bug #453652)
CVE-2007-6199 (rsync before 3.0.0pre6, when running a writable rsync daemon that is ...)
- TODO: check
+ - rsync <unfixed> (low; bug #453652)
CVE-2007-6198 (portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction ...)
TODO: check
CVE-2007-6197 (The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 ...)
@@ -136,8 +136,6 @@
[etch] - asterisk <not-affected> (Vulnerable code not present)
CVE-2007-6170 (SQL injection vulnerability in the Call Detail Record Postgres logging ...)
- asterisk <unfixed> (medium)
-CVE-2007-XXXX [rsync is prone to symlink attacks]
- - rsync <unfixed> (low; bug #453652)
CVE-2007-6150 (The "internal state tracking" code for the random and urandom devices ...)
NOT-FOR-US: FreeBSD
CVE-2007-6132
More information about the Secure-testing-commits
mailing list