[Secure-testing-commits] r7773 - data/CVE

[stef-guest at alioth.debian.org]

Author: stef-guest
Date: 2007-12-31 00:10:55 +0000 (Mon, 31 Dec 2007)
New Revision: 7773

Modified:
   data/CVE/list
Log:
new apache XSS

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-12-30 23:18:26 UTC (rev 7772)
+++ data/CVE/list	2007-12-31 00:10:55 UTC (rev 7773)
@@ -429,8 +429,10 @@
 CVE-2007-6389 (The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 ...)
 	- gnome-screensaver <unfixed> (low; bug #455484)
 	[etch] - gnome-screensaver <no-dsa> (Minor issue)
-CVE-2007-6388
+CVE-2007-6388 [apache mod_status XSS via refresh parameter]
 	RESERVED
+	- apache <unfixed> (low)
+	- apache2 <unfixed> (low)
 CVE-2007-6358 (pdftops.pl before 1.20 in alternate pdftops filter allows local users ...)
 	{DSA-1437-1}
 	- cupsys 1.3.5-1 (low; bug #456960)