[Secure-testing-commits] r7077 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Tue Oct 23 15:40:37 UTC 2007


Author: nion
Date: 2007-10-23 15:40:36 +0000 (Tue, 23 Oct 2007)
New Revision: 7077

Modified:
   data/CVE/list
Log:
CVE-2007-5380, CVE-2007-5379 fixed in rails 1.2.4-1


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-10-23 15:35:44 UTC (rev 7076)
+++ data/CVE/list	2007-10-23 15:40:36 UTC (rev 7077)
@@ -845,9 +845,9 @@
 CVE-2007-5381 (Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco ...)
 	NOT-FOR-US: Line Printer Daemon (LPD) Cisco
 CVE-2007-5380 (Session fixation vulnerability in Rails before 1.2.4, as used for Ruby ...)
-	TODO: check
+	- rails 1.2.4-1
 CVE-2007-5379 (Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers ...)
-	TODO: check
+	- rails 1.2.4-1
 CVE-2007-5378 (Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk ...)
 	- tk8.3 8.3.5-10 (medium; bug #446465)
 	- tk8.4 8.4.16-1 (medium)
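
Review bot: the two added "- rails 1.2.4-1" lines under CVE-2007-5380 and CVE-2007-5379 carry no urgency or bug reference, while the neighbouring tk8.3 entry in the same hunk records both as "(medium; bug #446465)". If an urgency or a Debian bug number is known for the session fixation issue and its sibling, add it in the same parenthesised form so the two entries match the surrounding ones. If none has been assigned yet, the lines are fine as they stand.
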
@@ -1413,7 +1413,7 @@
 	- util-linux 2.13-8 (low)
 	- loop-aes-utils 2.13-2 (low)
 CVE-2007-5190 (Multiple cross-site scripting (XSS) vulnerabilities in Alcatel ...)
-	TODO: check
+	NOT-FOR-US: Alcatel OmniVista
 CVE-2007-5189 (Multiple SQL injection vulnerabilities in mes_add.php in x-script ...)
 	NOT-FOR-US: X-Script
 CVE-2007-5188 (Unspecified vulnerability in the XOOPS uploader class in Xoops ...)
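
Review bot: the change to CVE-2007-5190 (TODO: check replaced by "NOT-FOR-US: Alcatel OmniVista") is not covered by the log message, which names only CVE-2007-5380 and CVE-2007-5379. Either mention the Alcatel OmniVista triage in the log or commit it separately, so that searching the history for CVE-2007-5190 finds this revision.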



