[Secure-testing-commits] r8187 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Tue Feb 19 11:17:07 UTC 2008
Author: nion
Date: 2008-02-19 11:17:05 +0000 (Tue, 19 Feb 2008)
New Revision: 8187
Modified:
data/CVE/list
Log:
festival already got CVE-2007-4074, now fixed in 1.96~beta-6, did this fix got lost in the past?
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-02-19 11:03:00 UTC (rev 8186)
+++ data/CVE/list 2008-02-19 11:17:05 UTC (rev 8187)
@@ -56,9 +56,6 @@
- am-utils <not-affected> (Affected code not present in the binary package)
NOTE: sendmail includes a copy of the script, which has been fixed since
NOTE: several years
-CVE-2008-XXXX [unauthenticated remote code execution in festival server]
- - festival 1.96~beta-6 (medium; bug #466146)
- NOTE: CVE id pending
CVE-2008-0807 [missing access restriction to user contacts in turba]
- turba2 2.1.7-1 (bug #464058)
NOTE: CVE id pending
@@ -9014,7 +9011,7 @@
CVE-2007-4075 (Cross-site scripting (XSS) vulnerability in index.asp in Alisveris ...)
NOT-FOR-US: Alisveris Sitesi Scripti
CVE-2007-4074 (The default configuration of Centre for Speech Technology Research ...)
- - festival 1.4.3-21 (bug #435445; low)
+ - festival 1.96~beta-6 (bug #435445; low)
[etch] - festival <no-dsa> (Minor issue)
CVE-2007-4073 (Webbler CMS before 3.1.6 does not properly restrict use of "mail a ...)
NOT-FOR-US: Webbler CMS
More information about the Secure-testing-commits
mailing list