[Secure-testing-commits] r7753 - data/CVE

stef-guest at alioth.debian.org stef-guest at alioth.debian.org
Sat Dec 29 09:35:20 UTC 2007


Author: stef-guest
Date: 2007-12-29 09:35:19 +0000 (Sat, 29 Dec 2007)
New Revision: 7753

Modified:
   data/CVE/list
Log:
new mongrel issue; info for autofs5 issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-12-29 09:14:09 UTC (rev 7752)
+++ data/CVE/list	2007-12-29 09:35:19 UTC (rev 7753)
@@ -1,3 +1,5 @@
+CVE-2007-XXXX [mongrel remote arbitrary file disclosure]
+	- mongrel 1.1.3-1 (medium)
 CVE-2007-6564 (Cross-site scripting (XSS) vulnerability in admin.php in Limbo CMS ...)
 	NOT-FOR-US: Limbo CMS
 CVE-2007-6563 (Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly ...)
@@ -650,7 +652,8 @@
 CVE-2007-6286
 	RESERVED
 CVE-2007-6285 (The default configuration for autofs 5 (autofs5) on Red Hat Enterprise ...)
-	TODO: file bug (autofs5 is in experimental)
+	NOTE: maintainer will patch autofs5 in upload to unstable
+	TODO: check when autofs5 hits unstable
 	- autofs <not-affected> (-hosts feature not present, auto.net has nosuid,nodev)
 	- autofs5 <unfixed>
 CVE-2007-6284
@@ -1444,7 +1447,8 @@
 CVE-2007-5964 (The default configuration of autofs 5 in Red Hat Enterprise Linux ...)
 	- autofs 3.1.4-8 (medium)
 	- autofs5 <unfixed>
-	TODO: file bug (autofs5 in experimental)
+	NOTE: maintainer will patch autofs5 in upload to unstable
+	TODO: check when autofs5 hits unstable
 CVE-2007-5963 (Unspecified vulnerability in kdebase allows local users to cause a ...)
 	- kdebase <unfixed> (unimportant)
 	NOTE: This has only theoretical security impact




More information about the Secure-testing-commits mailing list