[Secure-testing-commits] r5486 - data/CVE
Kees Cook
keescook-guest at alioth.debian.org
Mon Feb 26 22:07:47 UTC 2007
Author: keescook-guest
Date: 2007-02-26 23:07:44 +0100 (Mon, 26 Feb 2007)
New Revision: 5486
Modified:
data/CVE/list
Log:
adjusted libevent severity: current version is not vuln
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-02-25 16:22:35 UTC (rev 5485)
+++ data/CVE/list 2007-02-26 22:07:44 UTC (rev 5486)
@@ -26,7 +26,8 @@
CVE-2007-1031 (Directory traversal vulnerability in include/db_conn.php in SpoonLabs ...)
NOT-FOR-US: Vivvo Article Management CMS
CVE-2007-1030 (Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a ...)
- - libevent <unfixed> (bug #411996)
+ - libevent <unfixed> (bug #411996; unimportant)
+ NOTE: Only versions 1.2 and 1.2a are vulnerable -- 1.1a-1 is safe.
CVE-2007-1029 (Stack-based buffer overflow in the Connect method in the IMAP4 ...)
NOT-FOR-US: Quiksoft EasyMail Objects
CVE-2007-1028 (Cross-site scripting (XSS) vulnerability in the Barry Jaspan Image ...)
More information about the Secure-testing-commits
mailing list