[Secure-testing-commits] r6205 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Tue Jul 31 21:51:21 UTC 2007
Author: jmm-guest
Date: 2007-07-31 21:51:21 +0000 (Tue, 31 Jul 2007)
New Revision: 6205
Modified:
data/CVE/list
Log:
python no-dsa
trac non-issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-07-31 21:41:01 UTC (rev 6204)
+++ data/CVE/list 2007-07-31 21:51:21 UTC (rev 6205)
@@ -4674,6 +4674,7 @@
CVE-2007-2052 (Off-by-one error in the PyLocale_strxfrm function in ...)
- python2.4 2.4.4-3 (bug #416931; low)
- python2.5 <unfixed> (bug #416934; low)
+ [etch] - python2.5 <no-dsa> (Minor issue)
- python2.3 <unfixed> (low)
CVE-2007-2051 (Buffer overflow in the parsecmd function in bftpd before 1.8 has ...)
NOT-FOR-US: bftpd
@@ -6240,10 +6241,12 @@
NOT-FOR-US: Quick.Cart
CVE-2007-1406 (Trac before 0.10.3.1 does not send a Content-Disposition HTTP header ...)
[etch] - trac 0.10.3-1etch1
- - trac <unfixed> (low; bug #414134; bug #420219)
+ - trac 0.10.4-1 (unimportant; bug #414134; bug #420219)
+ NOTE: Browser bug, only exploitable on IE, still fixed in a point release
CVE-2007-1405 (Cross-site scripting (XSS) vulnerability in the "download wiki page as ...)
[etch] - trac 0.10.3-1etch1
- - trac <unfixed> (low; bug #414134; bug #420219)
+ - trac 0.10.4-1 (unimportant; bug #414134; bug #420219)
+ NOTE: Browser bug, only exploitable on IE, still fixed in a point release
CVE-2007-1404 (tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 allows remote ...)
NOT-FOR-US: ProSysInfo TFTP Server
CVE-2007-1403 (Multiple stack-based buffer overflows in an ActiveX control in ...)
More information about the Secure-testing-commits
mailing list