[Secure-testing-commits] r8883 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Fri May 23 16:45:50 UTC 2008
Author: nion
Date: 2008-05-23 16:45:47 +0000 (Fri, 23 May 2008)
New Revision: 8883
Modified:
data/CVE/list
Log:
CVE-2008-2266 fixed in uudeview 0.5.20-3.1 (low)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-05-23 12:48:54 UTC (rev 8882)
+++ data/CVE/list 2008-05-23 16:45:47 UTC (rev 8883)
@@ -474,7 +474,7 @@
CVE-2008-2276 (Cross-site request forgery (CSRF) vulnerability in Mantis 1.1.1 allows ...)
- mantis 1.0.8-4.1 (bug #481504)
CVE-2008-2266 (uulib/uunconc.c in UUDeview 0.5.20 allows local users to overwrite ...)
- - uudeview <unfixed> (bug #480972)
+ - uudeview 0.5.20-3.1 (low; bug #480972)
- libconvert-uulib-perl <not-affected> (Code patched by libconver-uulib upstream to use mkstemp)
NOTE: See CVE-2004-2265, where the problem occured as well
CVE-2008-2302 [Cross-site scripting (XSS) by missing escaping]
More information about the Secure-testing-commits
mailing list