[Secure-testing-commits] r9639 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Sun Aug 24 21:13:50 UTC 2008
Author: jmm-guest
Date: 2008-08-24 21:13:49 +0000 (Sun, 24 Aug 2008)
New Revision: 9639
Modified:
data/CVE/list
Log:
non-issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-08-24 21:10:13 UTC (rev 9638)
+++ data/CVE/list 2008-08-24 21:13:49 UTC (rev 9639)
@@ -161,7 +161,10 @@
CVE-2003-1563 (Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real ...)
NOT-FOR-US: Oracle
CVE-2008-3699 (The MagnatuneBrowser::listDownloadComplete function in ...)
- - amarok 1.4.10-1 (low; bug #494765)
+ - amarok 1.4.10-1 (unimportant; bug #494765)
+ NOTE: The code in question doesn't dereference the symlink, tested with Etch
+ NOTE: and Lenny. Given that it only takes a minute to test this, it's surprising
+ NOTE: that at least one vendor issued an advisory and upstream pushed a new release...
CVE-2008-3740 [drupal XSS]
RESERVED
{DTSA-156-1}
More information about the Secure-testing-commits
mailing list