[Secure-testing-commits] r10402 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Mon Nov 17 18:18:19 UTC 2008 

Author: jmm-guest
Date: 2008-11-17 18:18:17 +0000 (Mon, 17 Nov 2008)
New Revision: 10402

Modified:
   data/CVE/list
Log:
ktorrent fixed
one ruby issue fixed
tomcat6 not affected, just an API package



Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-11-17 18:17:28 UTC (rev 10401)
+++ data/CVE/list	2008-11-17 18:18:17 UTC (rev 10402)
@@ -521,7 +521,7 @@
 	NOT-FOR-US: Simple PHP Scripts blog
 CVE-2008-XXXX [ktorrent issues]
 	- ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178)
-	- ktorrent <unfixed>
+	- ktorrent 3.1.4+dfsg.1-1
 CVE-2008-XXXX [epiphany-browser: Python scripts load modules from current directory]
 	- epiphany-browser 2.22.3-7 (bug #504363; low)
 	[etch] - epiphany-browser <no-dsa> (Minor issue, only vulnerable when called from certain dir)
@@ -2610,7 +2610,7 @@
 CVE-2008-3905 (resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 ...)
 	{DSA-1652-1 DSA-1651-1}
 	- ruby1.8 1.8.7.72-1 (bug #498978)
-	- ruby1.9 <unfixed> (bug #498977)
+	- ruby1.9 1.9.0.2-6 (bug #498977)
 CVE-2008-3903 (Asterisk PBX 1.2 through 1.6 and Trixbox PBX 2.6.1, when running with ...)
 	NOT-FOR-US: Asterisk PBX
 CVE-2008-3902 (HP firmware 68DTT F.0D stores pre-boot authentication passwords in the ...)
@@ -5010,7 +5010,6 @@
 	- apache <not-affected> (vulnerable code not present)
 CVE-2008-2938 (Directory traversal vulnerability in Apache Tomcat 4.1.0 through ...)
 	- tomcat5.5 5.5.26-5 (low; bug #496309)
-	- tomcat6 <unfixed> (low)
 CVE-2008-2937 (Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a ...)
 	- postfix 2.5.4-1 (low)
 	[etch] - postfix <no-dsa> (minor issue)
@@ -6354,7 +6353,6 @@
 	- pcre3 7.6-2.1 (medium; bug #488919)
 CVE-2008-2370 (Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 ...)
 	- tomcat5.5 5.5.26-4 (bug #494504)
-	- tomcat6 <unfixed> (low)
 CVE-2008-2369 (manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a ...)
 	NOT-FOR-US: Red Hat Network Satellite Server
 CVE-2008-2368
@@ -9050,7 +9048,6 @@
 	- icedove 2.0.0.14-1
 CVE-2008-1232 (Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 ...)
 	- tomcat5.5 5.5.26-4 (low; bug #494504)
-	- tomcat6 <unfixed> (low)
 CVE-2008-1231 (Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and ...)
 	- jspwiki 2.8.0-1 (bug #470477)
 CVE-2008-1230 (Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 ...)

More information about the Secure-testing-commits mailing list