[Secure-testing-commits] r11526 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Wed Apr 1 20:30:45 UTC 2009
Author: jmm-guest
Date: 2009-04-01 20:30:44 +0000 (Wed, 01 Apr 2009)
New Revision: 11526
Modified:
data/CVE/list
Log:
- webkit no-dsa
- fix typos
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-04-01 20:26:16 UTC (rev 11525)
+++ data/CVE/list 2009-04-01 20:30:44 UTC (rev 11526)
@@ -60,12 +60,12 @@
- phpmyadmin 4:3.1.3.1-1
CVE-2009-1149 (CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB ...)
- phpmyadmin 4:3.1.3.1-1
- [etch] - phpmyadmn <not-affected> (Vulnerable code not present)
- [lenny] - phpmyadmn <not-affected> (Vulnerable code not present)
+ [etch] - phpmyadmin <not-affected> (Vulnerable code not present)
+ [lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2009-1148 (Directory traversal vulnerability in bs_disp_as_mime_type.php in the ...)
- phpmyadmin 4:3.1.3.1-1
- [etch] - phpmyadmn <not-affected> (Vulnerable code not present)
- [lenny] - phpmyadmn <not-affected> (Vulnerable code not present)
+ [etch] - phpmyadmin <not-affected> (Vulnerable code not present)
+ [lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2009-1147
RESERVED
CVE-2009-1146
@@ -6911,7 +6911,8 @@
NOT-FOR-US: Opera
CVE-2008-4724 (Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome ...)
{CVE-2008-4723}
- - webkit <unfixed> (medium; bug #520052)
+ - webkit <unfixed> (low; bug #520052)
+ [lenny] - webkit <no-dsa> (Minor issue)
NOTE: webkit properly handles this issue with respect to extensions such as jpg and txt, but not in general; for example, the attack works for odp, xls, etc extensions (only tested with midori 0.1.4)
NOTE: not reproducible using iceweasel 3.0.1
CVE-2008-4723 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
More information about the Secure-testing-commits
mailing list