[Secure-testing-commits] r7235 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Wed Nov 7 03:30:12 UTC 2007
Author: white
Date: 2007-11-07 03:30:12 +0000 (Wed, 07 Nov 2007)
New Revision: 7235
Modified:
data/CVE/list
Log:
Remove iscsitarget temp issue, because it got a CVE id; Also shift NOTE
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-11-06 22:53:50 UTC (rev 7234)
+++ data/CVE/list 2007-11-07 03:30:12 UTC (rev 7235)
@@ -20,6 +20,7 @@
TODO: check
CVE-2007-5827 (iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for ...)
- iscsitarget 0.4.15-5 (bug #448873)
+ NOTE: init script has "dump" function, which marks conffile correctly
CVE-2007-5826 (Absolute path traversal vulnerability in the EDraw Flowchart ActiveX ...)
NOT-FOR-US: EDraw Flowchart
CVE-2007-5825 (Format string vulnerability in the ws_addarg function in webserver.c ...)
@@ -89,9 +90,6 @@
CVE-2007-5795 (The hack-local-variables function in Emacs before 22.2, when ...)
- emacs22 22.1+1-2.1 (medium; bug #449008)
NOTE: Emacs 21 is not affected
-CVE-2007-XXXX [conffile ietd.conf public readable and contains passwords]
- - iscsitarget 0.4.15-5 (low; bug #448873)
- NOTE: init script has "dump" function, which marks conffile correctly
CVE-2007-5793 (Stonesoft StoneGate IPS before 4.0 does not properly decode ...)
NOT-FOR-US: Stonesoft StoneGate IPS
CVE-2007-5792 (The Vonage Motorola Phone Adapter VT 2142-VD does not encrypt RTP ...)
More information about the Secure-testing-commits
mailing list