[Secure-testing-commits] r10021 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Tue Oct 7 10:22:10 UTC 2008
Author: white
Date: 2008-10-07 10:22:08 +0000 (Tue, 07 Oct 2008)
New Revision: 10021
Modified:
data/CVE/list
Log:
just add information for amarok dupicate CVE id
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-07 10:19:13 UTC (rev 10020)
+++ data/CVE/list 2008-10-07 10:22:08 UTC (rev 10021)
@@ -77,7 +77,10 @@
CVE-2008-4431 (SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and ...)
NOT-FOR-US: IceBB
CVE-2008-4430 (The MagnatuneBrowser::listDownloadComplete function in ...)
- TODO: check
+ - amarok 1.4.10-1 (unimportant; bug #494765)
+ NOTE: The code in question doesn't dereference the symlink, tested with Etch
+ NOTE: and Lenny. Given that it only takes a minute to test this, it's surprising
+ NOTE: that at least one vendor issued an advisory and upstream pushed a new release...
CVE-2008-4429 (Unspecified vulnerability in SOURCENEXT Virus Security ZERO 9.5.0173 ...)
NOT-FOR-US: SOURCENEXT Virus Security ZERO
CVE-2008-4428 (Unrestricted file upload vulnerability in upload.php in Phlatline's ...)
More information about the Secure-testing-commits
mailing list