[Secure-testing-commits] r9037 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Wed Jun 11 17:28:31 UTC 2008
Author: stef-guest
Date: 2008-06-11 17:28:30 +0000 (Wed, 11 Jun 2008)
New Revision: 9037
Modified:
data/CVE/list
Log:
fixed or to-be-fixed apache2 issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-06-11 17:05:54 UTC (rev 9036)
+++ data/CVE/list 2008-06-11 17:28:30 UTC (rev 9037)
@@ -403,8 +403,10 @@
RESERVED
CVE-2008-2365
RESERVED
-CVE-2008-2364
+CVE-2008-2364 [apache2 mod_proxy_http DoS]
RESERVED
+ - apache2 2.2.9-1 (low)
+ TODO: check apache 1.3
CVE-2008-2363 (The PartsBatch class in Pan 0.132 and earlier does not properly manage ...)
- pan 0.132-3.1 (bug #483562)
[etch] - pan <not-affected> (Vulnerable code not added until 0.130)
@@ -6462,7 +6464,7 @@
[sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2)
[etch] - apache2 2.2.3-4+etch4 (low)
CVE-2007-6420 (Cross-site request forgery (CSRF) vulnerability in the ...)
- - apache2 <unfixed> (low)
+ - apache2 2.2.9-1 (low)
[etch] - apache2 <no-dsa> (minor issue)
[sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2)
CVE-2007-6419 (Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, ...)
@@ -18686,9 +18688,9 @@
CVE-2007-1743 (suexec in Apache HTTP Server (httpd) 2.2.3 does not verify ...)
- apache2 <unfixed> (unimportant)
CVE-2007-1742 (suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison ...)
- - apache2 <unfixed> (unimportant)
+ - apache2 2.2.8-5 (unimportant)
CVE-2007-1741 (Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 ...)
- - apache2 <unfixed> (unimportant)
+ - apache2 2.2.8-5 (unimportant)
CVE-2007-1740
REJECTED
CVE-2007-1739 (Heap-based buffer overflow in the LDAP server in IBM Lotus Domino ...)
More information about the Secure-testing-commits
mailing list