[Secure-testing-commits] r7753 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Sat Dec 29 09:35:20 UTC 2007
Author: stef-guest
Date: 2007-12-29 09:35:19 +0000 (Sat, 29 Dec 2007)
New Revision: 7753
Modified:
data/CVE/list
Log:
new mongrel issue; info for autofs5 issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-12-29 09:14:09 UTC (rev 7752)
+++ data/CVE/list 2007-12-29 09:35:19 UTC (rev 7753)
@@ -1,3 +1,5 @@
+CVE-2007-XXXX [mongrel remote arbitrary file disclosure]
+ - mongrel 1.1.3-1 (medium)
CVE-2007-6564 (Cross-site scripting (XSS) vulnerability in admin.php in Limbo CMS ...)
NOT-FOR-US: Limbo CMS
CVE-2007-6563 (Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly ...)
@@ -650,7 +652,8 @@
CVE-2007-6286
RESERVED
CVE-2007-6285 (The default configuration for autofs 5 (autofs5) on Red Hat Enterprise ...)
- TODO: file bug (autofs5 is in experimental)
+ NOTE: maintainer will patch autofs5 in upload to unstable
+ TODO: check when autofs5 hits unstable
- autofs <not-affected> (-hosts feature not present, auto.net has nosuid,nodev)
- autofs5 <unfixed>
CVE-2007-6284
@@ -1444,7 +1447,8 @@
CVE-2007-5964 (The default configuration of autofs 5 in Red Hat Enterprise Linux ...)
- autofs 3.1.4-8 (medium)
- autofs5 <unfixed>
- TODO: file bug (autofs5 in experimental)
+ NOTE: maintainer will patch autofs5 in upload to unstable
+ TODO: check when autofs5 hits unstable
CVE-2007-5963 (Unspecified vulnerability in kdebase allows local users to cause a ...)
- kdebase <unfixed> (unimportant)
NOTE: This has only theoretical security impact
More information about the Secure-testing-commits
mailing list