[Secure-testing-commits] r8743 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Thu May 8 16:14:52 UTC 2008
Author: nion
Date: 2008-05-08 16:14:51 +0000 (Thu, 08 May 2008)
New Revision: 8743
Modified:
data/CVE/list
Log:
CVE-2008-2105 and CVE-2008-2104 do not affect bugzilla in Debian
one new bugzilla issue (CVE-2008-2103)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-05-08 15:52:03 UTC (rev 8742)
+++ data/CVE/list 2008-05-08 16:14:51 UTC (rev 8743)
@@ -20,11 +20,11 @@
CVE-2008-2106 (Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated ...)
NOT-FOR-US: Call of Duty
CVE-2008-2105 (email_in.pl in Bugzilla 2.23.4, and later versions before 3.0, allows ...)
- TODO: check
+ - bugzilla <not-affected> (vulnerable code introduced in 2.23.4)
CVE-2008-2104 (The WebService in Bugzilla before 3.1.3 allows remote authenticated ...)
- TODO: check
+ - bugzilla <not-affected> (regression introduced in 3.1.3 referring to upstream)
CVE-2008-2103 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.17.2 and later ...)
- TODO: check
+ - bugzilla <unfixed> (low; bug #453487)
CVE-2008-2102
RESERVED
CVE-2008-2101
More information about the Secure-testing-commits
mailing list