[Secure-testing-commits] r10037 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Tue Oct 7 21:29:16 UTC 2008


Author: jmm-guest
Date: 2008-10-07 21:29:14 +0000 (Tue, 07 Oct 2008)
New Revision: 10037

Modified:
   data/CVE/list
Log:
amarok dupe rejected (and the issue is still bogus...)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-07 21:25:52 UTC (rev 10036)
+++ data/CVE/list	2008-10-07 21:29:14 UTC (rev 10037)
@@ -76,11 +76,8 @@
 	NOT-FOR-US: RMSOFT MiniShop (xoops)
 CVE-2008-4431 (SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and ...)
 	NOT-FOR-US: IceBB
-CVE-2008-4430 (The MagnatuneBrowser::listDownloadComplete function in ...)
-	- amarok 1.4.10-1 (unimportant; bug #494765)
-	NOTE: The code in question doesn't dereference the symlink, tested with Etch
-	NOTE: and Lenny. Given that it only takes a minute to test this, it's surprising
-	NOTE: that at least one vendor issued an advisory and upstream pushed a new release...
+CVE-2008-4430
+	REJECTED
 CVE-2008-4429 (Unspecified vulnerability in SOURCENEXT Virus Security ZERO 9.5.0173 ...)
 	NOT-FOR-US: SOURCENEXT Virus Security ZERO
 CVE-2008-4428 (Unrestricted file upload vulnerability in upload.php in Phlatline's ...)




More information about the Secure-testing-commits mailing list