[Secure-testing-commits] r10282 - data/CVE

atomo64-guest at alioth.debian.org atomo64-guest at alioth.debian.org
Wed Nov 5 03:27:39 UTC 2008


Author: atomo64-guest
Date: 2008-11-05 03:27:39 +0000 (Wed, 05 Nov 2008)
New Revision: 10282

Modified:
   data/CVE/list
Log:
Oops, the crossfire-maps issue was already known


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-11-05 03:16:58 UTC (rev 10281)
+++ data/CVE/list	2008-11-05 03:27:39 UTC (rev 10282)
@@ -17,8 +17,8 @@
 CVE-2008-4909 (Cross-site request forgery (CSRF) vulnerability in CompactCMS 1.1 and ...)
 	NOT-FOR-US: CompactCMS
 CVE-2008-4908 (maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local ...)
-	[etch] - crossfire-maps <unfixed> (low; bug #504561)
-	- crossfire-maps <not-affected> (The file doesn't exist in the package as shipped in lenny)
+	- crossfire-maps 1.11.0-2 (low; bug #496358; bug #504561)
+	[etch] - crossfire-maps <no-dsa> (Minor issue)
 CVE-2008-4906 (SQL injection vulnerability in lyrics_song.php in the Lyrics ...)
 	NOT-FOR-US: Lyrics (lyrics_menu) plugin for e107
 CVE-2008-4905 (Typo 5.1.3 and earlier uses a hard-coded salt for calculating password ...)
@@ -2866,9 +2866,6 @@
 	- lazarus 0.9.24-0-11 (unimportant; bug #496377)
 	NOTE: vulnerable script only called when updating the source
 	NOTE: thus neither actively used nor invoked automatically
-CVE-2008-XXXX [crossfire-maps: insecure temp file]
-	- crossfire-maps 1.11.0-2 (low; bug #496358)
-	[etch] - crossfire-maps <no-dsa> (Minor issue)
 CVE-2008-3794 (Integer signedness error in the mms_ReceiveCommand function in ...)
 	{DTSA-166-1}
 	- vlc 0.8.6.h-4 (medium; bug #496265)




More information about the Secure-testing-commits mailing list