[Secure-testing-commits] r7993 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Sun Jan 20 21:14:11 UTC 2008
Author: joeyh
Date: 2008-01-20 21:14:10 +0000 (Sun, 20 Jan 2008)
New Revision: 7993
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-01-20 17:48:23 UTC (rev 7992)
+++ data/CVE/list 2008-01-20 21:14:10 UTC (rev 7993)
@@ -519,6 +519,7 @@
NOT-FOR-US: Site at School
CVE-2008-0128 [Tomcat does not enforce HTTPS for SSO cookies]
RESERVED
+ {DSA-1468-1}
- tomcat5 <removed> (unimportant)
NOTE: SSO cookies not working in 5.0, have only been fixed in 5.5.13, see #34724
- tomcat5.5 5.5.23-1 (low)
@@ -1700,6 +1701,7 @@
- flac 1.2.1-1 (unimportant)
NOTE: Such validations are within the responsibility of the respective applications
CVE-2007-6277 (Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC ...)
+ {DSA-1469-1}
- flac 1.2.1-1
CVE-2007-6276 (The accept_connections function in the virtual private network daemon ...)
NOT-FOR-US: Apple Mac OS X
@@ -6650,6 +6652,7 @@
CVE-2007-4620
RESERVED
CVE-2007-4619 (Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC ...)
+ {DSA-1469-1}
- flac 1.2.1-1 (medium)
CVE-2007-4618 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 ...)
NOT-FOR-US: BEA WebLogic
@@ -11809,6 +11812,7 @@
- linux-2.6 2.6.21-3
[etch] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.20)
CVE-2007-2450 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager ...)
+ {DSA-1468-1}
- tomcat4 <removed> (low)
- tomcat5 <unfixed> (low)
- tomcat5.5 5.5.25-1 (low)
More information about the Secure-testing-commits
mailing list