[Secure-testing-commits] r7527 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Wed Dec 5 22:46:56 UTC 2007 

Author: white
Date: 2007-12-05 22:46:56 +0000 (Wed, 05 Dec 2007)
New Revision: 7527

Modified:
   data/CVE/list
Log:
NFUs; typespeed DoS unimportant; new jetty issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-12-05 22:17:23 UTC (rev 7526)
+++ data/CVE/list	2007-12-05 22:46:56 UTC (rev 7527)
@@ -77,23 +77,23 @@
 CVE-2007-6221 (TuMusika Evolution 1.7R5 allows remote attackers to obtain ...)
 	NOT-FOR-US: TuMusika
 CVE-2007-6220 (typespeed before 0.6.4 allows remote attackers to cause a denial of ...)
-	TODO: check
+	- typespeed <unfixed> (unimportant; bug #454527)
 CVE-2007-6219 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool ...)
-	TODO: check
+	NOT-FOR-US: IBM Tivoli Netcool Security Manager
 CVE-2007-6218 (Multiple PHP remote file inclusion vulnerabilities in Ossigeno CMS 2.2 ...)
-	TODO: check
+	NOT-FOR-US: Ossigeno CMS
 CVE-2007-6217 (Multiple SQL injection vulnerabilities in login.asp in Irola My-Time ...)
-	TODO: check
+	NOT-FOR-US: Irola My-Time
 CVE-2007-6216 (Race condition in the Fibre Channel protocol (fcp) driver and Devices ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris
 CVE-2007-6215 (Multiple directory traversal vulnerabilities in play.php in Web-MeetMe ...)
-	TODO: check
+	NOT-FOR-US: Web-MeetMe
 CVE-2007-6214 (Directory traversal vulnerability in include/file_download.php in ...)
-	TODO: check
+	NOT-FOR-US: LearnLoop
 CVE-2007-6213 (Multiple directory traversal vulnerabilities in mod/chat/index.php in ...)
-	TODO: check
+	NOT-FOR-US: WebED
 CVE-2007-6212 (Directory traversal vulnerability in region.php in KML share 1.1 ...)
-	TODO: check
+	NOT-FOR-US: KML share
 CVE-2008-0010
 	RESERVED
 CVE-2008-0009
@@ -1942,11 +1942,11 @@
 CVE-2007-5616
 	RESERVED
 CVE-2007-5615 (CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows ...)
-	TODO: check
+	- jetty <unfixed> (low; bug #454529)
 CVE-2007-5614 (Mortbay Jetty before 6.1.6rc1 does not properly handle &quot;certain quote ...)
-	TODO: check
+	- jetty <unfixed> (low; bug #454529)
 CVE-2007-5613 (Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay ...)
-	TODO: check
+	- jetty <unfixed> (low; bug #454529)
 CVE-2007-5612 (CIM Server in IBM Director 5.20.1 and earlier allows remote attackers ...)
 	NOT-FOR-US: IBM Director
 CVE-2007-5611

More information about the Secure-testing-commits mailing list