[Secure-testing-commits] r5498 - data/CVE

Stefan Fritsch stef-guest at alioth.debian.org
Thu Mar 1 17:02:55 CET 2007


Author: stef-guest
Date: 2007-03-01 18:02:52 +0100 (Thu, 01 Mar 2007)
New Revision: 5498

Modified:
   data/CVE/list
Log:
sql-ledger documented as insecure

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-02-28 21:14:22 UTC (rev 5497)
+++ data/CVE/list	2007-03-01 17:02:52 UTC (rev 5498)
@@ -1421,6 +1421,8 @@
 	NOT-FOR-US: Sun Solaris.
 CVE-2007-0667 (The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and ...)
 	- sql-ledger <unfixed> (bug #409703)
+	NOTE: sql-ledger 2.6.22-2 adds a note to README.Debian that sql-ledger
+	NOTE: is not secure with untrusted users.
 CVE-2007-0666 (Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute ...)
 	NOT-FOR-US: WS_FTP Server
 CVE-2007-0665 (Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 ...)




More information about the Secure-testing-commits mailing list