[Secure-testing-commits] r11526 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Wed Apr 1 20:30:45 UTC 2009


Author: jmm-guest
Date: 2009-04-01 20:30:44 +0000 (Wed, 01 Apr 2009)
New Revision: 11526

Modified:
   data/CVE/list
Log:
- webkit no-dsa
- fix typos


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-04-01 20:26:16 UTC (rev 11525)
+++ data/CVE/list	2009-04-01 20:30:44 UTC (rev 11526)
@@ -60,12 +60,12 @@
 	- phpmyadmin 4:3.1.3.1-1
 CVE-2009-1149 (CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB ...)
 	- phpmyadmin 4:3.1.3.1-1
-	[etch] - phpmyadmn <not-affected> (Vulnerable code not present)
-	[lenny] - phpmyadmn <not-affected> (Vulnerable code not present)
+	[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
+	[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2009-1148 (Directory traversal vulnerability in bs_disp_as_mime_type.php in the ...)
 	- phpmyadmin 4:3.1.3.1-1
-	[etch] - phpmyadmn <not-affected> (Vulnerable code not present)
-	[lenny] - phpmyadmn <not-affected> (Vulnerable code not present)
+	[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
+	[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2009-1147
 	RESERVED
 CVE-2009-1146
@@ -6911,7 +6911,8 @@
 	NOT-FOR-US: Opera
 CVE-2008-4724 (Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome ...)
 	{CVE-2008-4723}
-	- webkit <unfixed> (medium; bug #520052)
+	- webkit <unfixed> (low; bug #520052)
+        [lenny] - webkit <no-dsa> (Minor issue)
 	NOTE: webkit properly handles this issue with respect to extensions such as jpg and txt, but not in general; for example, the attack works for odp, xls, etc extensions (only tested with midori 0.1.4)
 	NOTE: not reproducible using iceweasel 3.0.1
 CVE-2008-4723 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)




More information about the Secure-testing-commits mailing list