[Secure-testing-commits] r9768 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Sat Sep 6 09:39:46 UTC 2008
Author: stef-guest
Date: 2008-09-06 09:39:45 +0000 (Sat, 06 Sep 2008)
New Revision: 9768
Modified:
data/CVE/list
Log:
apache2 stable updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-09-06 01:54:08 UTC (rev 9767)
+++ data/CVE/list 2008-09-06 09:39:45 UTC (rev 9768)
@@ -2255,7 +2255,7 @@
TODO: check
CVE-2008-2939 (Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the ...)
- apache2 2.2.9-7 (low)
- [etch] - apache2 <no-dsa> (minor issue)
+ [etch] - apache2 <no-dsa> (minor issue; fix will be in 2.2.3-4+etch6)
- apache <not-affected> (vulnerable code not present)
CVE-2008-2938 (Directory traversal vulnerability in Apache Tomcat 4.1.0 through ...)
- tomcat5.5 <unfixed> (low; bug #496309)
@@ -3614,6 +3614,7 @@
NOTE: f358166a9405e4f1d8e50d8f415c26d95505b6de
CVE-2008-2364 (The ap_proxy_http_process_response function in mod_proxy_http.c in the ...)
- apache2 2.2.9-1 (low)
+ [etch] - apache2 <no-dsa> (minor issue, fix will be in 2.2.3-4+etch6)
TODO: check apache 1.3
CVE-2008-2363 (The PartsBatch class in Pan 0.132 and earlier does not properly manage ...)
- pan 0.132-3.1 (bug #483562)
@@ -9777,6 +9778,7 @@
- apache2 2.2.9-1 (low)
[etch] - apache2 <no-dsa> (minor issue)
[sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2)
+ NOTE: Won't be fixed in etch.
CVE-2007-6419 (Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, ...)
NOT-FOR-US: HP-UX
CVE-2007-6417 (The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through ...)
More information about the Secure-testing-commits
mailing list