[Secure-testing-commits] r7077 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Tue Oct 23 15:40:37 UTC 2007
Author: nion
Date: 2007-10-23 15:40:36 +0000 (Tue, 23 Oct 2007)
New Revision: 7077
Modified:
data/CVE/list
Log:
CVE-2007-5380, CVE-2007-5379 fixed in rails 1.2.4-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-10-23 15:35:44 UTC (rev 7076)
+++ data/CVE/list 2007-10-23 15:40:36 UTC (rev 7077)
@@ -845,9 +845,9 @@
CVE-2007-5381 (Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco ...)
NOT-FOR-US: Line Printer Daemon (LPD) Cisco
CVE-2007-5380 (Session fixation vulnerability in Rails before 1.2.4, as used for Ruby ...)
- TODO: check
+ - rails 1.2.4-1
CVE-2007-5379 (Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers ...)
- TODO: check
+ - rails 1.2.4-1
CVE-2007-5378 (Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk ...)
- tk8.3 8.3.5-10 (medium; bug #446465)
- tk8.4 8.4.16-1 (medium)
@@ -1413,7 +1413,7 @@
- util-linux 2.13-8 (low)
- loop-aes-utils 2.13-2 (low)
CVE-2007-5190 (Multiple cross-site scripting (XSS) vulnerabilities in Alcatel ...)
- TODO: check
+ NOT-FOR-US: Alcatel OmniVista
CVE-2007-5189 (Multiple SQL injection vulnerabilities in mes_add.php in x-script ...)
NOT-FOR-US: X-Script
CVE-2007-5188 (Unspecified vulnerability in the XOOPS uploader class in Xoops ...)
More information about the Secure-testing-commits
mailing list