[Secure-testing-commits] r7248 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Thu Nov 8 21:11:41 UTC 2007
Author: nion
Date: 2007-11-08 21:11:40 +0000 (Thu, 08 Nov 2007)
New Revision: 7248
Modified:
data/CVE/list
Log:
CVE-2007-5828 python-django not an issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-11-08 20:57:05 UTC (rev 7247)
+++ data/CVE/list 2007-11-08 21:11:40 UTC (rev 7248)
@@ -113,7 +113,9 @@
CVE-2007-5829 (The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and ...)
NOT-FOR-US: Symantec AntiVirus
CVE-2007-5828 (Cross-site request forgery (CSRF) vulnerability in the admin panel in ...)
- TODO: check
+ - python-django <unfixed> (unimportant)
+ NOTE: this is documented in docs/csrf.txt included in the python-django package and
+ NOTE: there is a plugin enabling this feature. This is intended behaviour.
CVE-2007-5827 (iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for ...)
- iscsitarget 0.4.15-5 (bug #448873)
NOTE: init script has "dump" function, which marks conffile correctly
More information about the Secure-testing-commits
mailing list