[Secure-testing-commits] r8597 - data/CVE
thijs at alioth.debian.org
thijs at alioth.debian.org
Wed Apr 23 10:38:29 UTC 2008
Author: thijs
Date: 2008-04-23 10:38:28 +0000 (Wed, 23 Apr 2008)
New Revision: 8597
Modified:
data/CVE/list
Log:
two new serendipity issues, fixed in sid
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-04-23 09:41:36 UTC (rev 8596)
+++ data/CVE/list 2008-04-23 10:38:28 UTC (rev 8597)
@@ -1151,9 +1151,14 @@
CVE-2008-1387 (ClamAV before 0.93 allows remote attackers to cause a denial of ...)
- clamav 0.92.1~dfsg2-1
[etch] - clamav <not-affected> (Vulnerable code not present)
-CVE-2008-1386
+CVE-2008-1386 [serendipity xss]
+ - serendipity 1.3.1-1
+ NOTE: http://blog.s9y.org/archives/193-Serendipity-1.3.1-released.html
RESERVED
-CVE-2008-1385
+CVE-2008-1385 [serendipity xss]
+ - serendipity 1.3.1-1
+ NOTE: http://blog.s9y.org/archives/193-Serendipity-1.3.1-released.html
+ NOTE: One of these two issues seems very theoretical, other one needs further assessment
RESERVED
CVE-2008-1384 (Integer overflow in PHP 5.2.5 and earlier allows context-dependent ...)
- php5 <unfixed> (unimportant)
More information about the Secure-testing-commits
mailing list