[Secure-testing-commits] r7761 - data/CVE
thijs at alioth.debian.org
thijs at alioth.debian.org
Sat Dec 29 21:01:18 UTC 2007
Author: thijs
Date: 2007-12-29 21:01:17 +0000 (Sat, 29 Dec 2007)
New Revision: 7761
Modified:
data/CVE/list
Log:
tomcat5.5 fixed
wordpress issue may not be fixed, add TODO
another disputed wordpress issue is indeed not important
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-12-29 18:48:02 UTC (rev 7760)
+++ data/CVE/list 2007-12-29 21:01:17 UTC (rev 7761)
@@ -3720,7 +3720,7 @@
CVE-2007-5343
RESERVED
CVE-2007-5342 (The default catalina.policy in the JULI logging component in Apache ...)
- - tomcat5.5 <unfixed> (low; bug #458237)
+ - tomcat5.5 5.5.25-4 (low; bug #458237)
- tomcat5 <removed>
CVE-2007-5341
RESERVED
@@ -12401,7 +12401,8 @@
CVE-2007-1733 (Buffer overflow in InterVations NaviCOPA HTTP Server 2.01 allows ...)
NOT-FOR-US: NaviCOPA HTTP Server
CVE-2007-1732 (** DISPUTED ** ...)
- - wordpress 2.1.3-1
+ - wordpress 2.1.3-1 (unimportant)
+ NOTE: Administrators can post full HTML, that is a feature. Rightly disputed.
CVE-2007-1731 (Multiple stack-based buffer overflows in High Performance Anonymous ...)
NOT-FOR-US: hpaftpd
CVE-2007-1730 (Integer signedness error in the DCCP support in the do_dccp_getsockopt ...)
@@ -12723,6 +12724,7 @@
CVE-2007-1599 (wp-login.php in WordPress allows remote attackers to redirect ...)
- wordpress 2.2.2-1 (bug #437085; low)
NOTE: see issue 5023 in the wordpress trac
+ TODO: issue 5023 seems not related and 2.2.2 changelog does not mention such a thing.
CVE-2007-1598 (Stack-based buffer overflow in InterVations FileCOPA FTP Server 1.01 ...)
NOT-FOR-US: FileCOPA FTP
CVE-2007-1597 (Unclassified NewsBoard 1.6.3 stores sensitive information under the ...)
More information about the Secure-testing-commits
mailing list