[Secure-testing-commits] r10008 - data/CVE

[nion at alioth.debian.org]

Author: nion
Date: 2008-10-06 12:11:51 +0000 (Mon, 06 Oct 2008)
New Revision: 10008

Modified:
   data/CVE/list
Log:
CVE-2008-4407 fixed in sabre 0.2.4b-25
CVE-2008-4182 fixed in turba2 2.2.1-2/imp4 4.2-3
CVE-2008-2370 fixed in tomcat5.5 5.5.26-4


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-06 11:45:37 UTC (rev 10007)
+++ data/CVE/list	2008-10-06 12:11:51 UTC (rev 10008)
@@ -153,7 +153,7 @@
 	- gdrae 0.1-1.1 (low; bug #496378)
 	[etch] - gdrae <no-dsa> (Minor issue)
 CVE-2008-4407 [sabre: insecure temp file]
-	- sabre <unfixed> (low; bug #433996)
+	- sabre 0.2.4b-25 (low; bug #433996)
 	[etch] - sabre <no-dsa> (Game not qualified as multi-user system, thus minor issue)
 CVE-2008-4366 (Unrestricted file upload vulnerability in the image upload component ...)
 	NOT-FOR-US: Camera Life
@@ -556,8 +556,8 @@
 CVE-2008-4183 (IntegraMOD 1.4.x stores sensitive information under the web root with ...)
 	NOT-FOR-US: IntegraMOD
 CVE-2008-4182 (Cross-site scripting (XSS) vulnerability in imp/test.php in Horde ...)
-	- turba2 <unfixed> (bug #500114; low)
-	- imp4 <unfixed> (bug #500553; low)
+	- turba2 2.2.1-2 (bug #500114; low)
+	- imp4 4.2-3 (bug #500553; low)
 CVE-2008-4181 (Directory traversal vulnerability in includes/xml.php in the Netenberg ...)
 	NOT-FOR-US: Netenberg Fantastico De Luxe module for cPanel
 CVE-2008-4180 (Unspecified vulnerability in db.php in NooMS 1.1 allows remote ...)
@@ -4835,7 +4835,7 @@
 	{DSA-1602-1 DTSA-145-1}
 	- pcre3 7.6-2.1 (medium; bug #488919)
 CVE-2008-2370 (Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 ...)
-	- tomcat5.5 <unfixed> (bug #494504)
+	- tomcat5.5 5.5.26-4 (bug #494504)
 	- tomcat6 <unfixed> (low)
 CVE-2008-2369 (manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a ...)
 	NOT-FOR-US: Red Hat Network Satellite Server