[Secure-testing-commits] r10013 - data/CVE

[alfie at alioth.debian.org]

Author: alfie
Date: 2008-10-06 19:01:41 +0000 (Mon, 06 Oct 2008)
New Revision: 10013

Modified:
   data/CVE/list
Log:
merge the temp parts into the real CVE ids

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-06 18:35:33 UTC (rev 10012)
+++ data/CVE/list	2008-10-06 19:01:41 UTC (rev 10013)
@@ -167,12 +167,15 @@
 	NOT-FOR-US: DESlock
 CVE-2008-4361 (Directory traversal vulnerability in PowerPortal 2.0.13 allows remote ...)
 	NOT-FOR-US: PowerPortal
-CVE-2008-4360
+CVE-2008-4360 [Information disclosure w/ mod_userdir]
 	RESERVED
-	- lighttpd 1.4.19-5 (medium)
-CVE-2008-4359
+	- lighttpd 1.4.19-5 (low)
+	NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt
+	NOTE: CVE id requested
+CVE-2008-4359 [Unexpected behavior of url.redirect / url.rewrite config options]
 	RESERVED
-	- lighttpd 1.4.19-5 (medium)
+	- lighttpd 1.4.19-5 (low)
+	NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt
 CVE-2008-4358 (Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP ...)
 	NOT-FOR-US: SPAW Editor PHP
 CVE-2008-4357 (SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows ...)
@@ -528,13 +531,6 @@
 CVE-2008-XXXX [possible script injection via /etc/wordpress/wp-config.php]
 	- wordpress <unfixed> (bug #500295; unimportant)
 	NOTE: bigger problems, if attacker has access to /etc/wordpress/*
-CVE-2008-XXXX [Unexpected behavior of url.redirect / url.rewrite config options]
-	- lighttpd 1.4.19-5 (low)
-	NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt
-CVE-2008-XXXX [Information disclosure w/ mod_userdir]
-	- lighttpd 1.4.19-5 (low)
-	NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt
-	NOTE: CVE id requested
 CVE-2008-4298 (Memory leak in the http_request_parse function in request.c in ...)
 	- lighttpd 1.4.19-5 (medium)
 	NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt