[Secure-testing-commits] r7850 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Mon Jan 7 20:10:10 UTC 2008
Author: jmm-guest
Date: 2008-01-07 20:10:09 +0000 (Mon, 07 Jan 2008)
New Revision: 7850
Modified:
data/CVE/list
Log:
more updates on tomcat
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-01-07 19:32:01 UTC (rev 7849)
+++ data/CVE/list 2008-01-07 20:10:09 UTC (rev 7850)
@@ -11132,10 +11132,10 @@
- tomcat5.5 5.5.25-1 (low)
[sarge] - tomcat4 <no-dsa> (Contrib not supported)
CVE-2007-2449 (Multiple cross-site scripting (XSS) vulnerabilities in certain JSP ...)
- [sarge] - tomcat4 <no-dsa> (Contrib not supported)
- - tomcat4 <removed> (low)
- - tomcat5 <unfixed> (low)
- - tomcat5.5 5.5.25-1 (low)
+ - tomcat4 <removed> (unimportant)
+ - tomcat5 <removed> (unimportant)
+ - tomcat5.5 5.5.25-1 (unimportant)
+ NOTE: Only present in the examples, not in production code
CVE-2007-2448 (Subversion 1.4.3 and earlier does not properly implement the "partial ...)
- subversion 1.4.4dfsg1-1 (bug #428194; low)
[etch] - subversion <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list