[Secure-testing-commits] r7779 - in data: . CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Tue Jan 1 17:34:15 UTC 2008 

Author: jmm-guest
Date: 2008-01-01 17:34:15 +0000 (Tue, 01 Jan 2008)
New Revision: 7779

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
updates on minor issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-01-01 16:28:15 UTC (rev 7778)
+++ data/CVE/list	2008-01-01 17:34:15 UTC (rev 7779)
@@ -5655,8 +5655,12 @@
 	NOT-FOR-US: ABC eStore
 CVE-2007-4626 (Unspecified vulnerability in Polipo before 1.0.2 allows remote ...)
 	- polipo 1.0.2-1 (low)
+	[sarge] - polipo <no-dsa> (Minor issue)
+	[etch] - polipo <no-dsa> (Minor issue)
 CVE-2007-4625 (Polipo before 1.0.2 allows remote HTTP servers to cause a denial of ...)
-	- polipo 1.0.2-1
+	- polipo 1.0.2-1 (low)
+	[sarge] - polipo <no-dsa> (Minor issue)
+	[etch] - polipo <no-dsa> (Minor issue)
 CVE-2007-4624 (Cross-site scripting (XSS) vulnerability in pframe.php in AbleDesign ...)
 	NOT-FOR-US: AbleDesign Dynamic Picture Frame
 CVE-2007-4623 (Stack-based buffer overflow in the sendrmt function in bellmail in IBM ...)
@@ -10400,9 +10404,9 @@
 CVE-2007-2631 (Cross-site request forgery (CSRF) vulnerability in SquirrelMail ...)
 	NOTE: Duplicate of CVE-2007-2589
 CVE-2007-2630 (Incomplete blacklist vulnerability in ...)
-	- moin 1.5.8-4.1
+	- moin 1.5.8-4.1 (unimportant)
 	- karrigell <not-affected> (Vulnerable php code not present)
-	- knowledgeroot 0.9.8.2-2
+	- knowledgeroot 0.9.8.2-2 (unimportant)
 CVE-2007-2629 (Bradford CampusManager Network Control Application Server 3.1(6) ...)
 	NOT-FOR-US: Bradford
 CVE-2007-2628 (PHP remote file inclusion vulnerability in include/logout.php in ...)
@@ -11476,7 +11480,9 @@
 	NOT-FOR-US: OpenSurveyPilot
 CVE-2007-2165 (The Auth API in ProFTPD before 20070417, when multiple simultaneous ...)
 	- proftpd 1.3.0-24 (low)
+	[sarge] - proftpd <no-dsa> (Minor issue)
 	- proftpd-dfsg 1.3.0-24 (low)
+	[etch] - proftpd-dfsg <no-dsa> (Minor issue)
 CVE-2007-2164 (Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial ...)
 	- kdelibs <unfixed> (unimportant)
 	NOTE: Browser crashes are not treated as security problems

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2008-01-01 16:28:15 UTC (rev 7778)
+++ data/spu-candidates.txt	2008-01-01 17:34:15 UTC (rev 7779)
@@ -22,6 +22,10 @@
 
 --
 
+proftpd (CVE-2007-2165)
+
+--
+
 python2.4, python2.5 (CVE-2007-4965)
 http://bugs.python.org/issue1179
 notified maintainer

More information about the Secure-testing-commits mailing list