[Secure-testing-commits] r11672 - data/CVE
Nico Golde
nion at alioth.debian.org
Mon Apr 20 21:57:47 UTC 2009
Author: nion
Date: 2009-04-20 21:57:47 +0000 (Mon, 20 Apr 2009)
New Revision: 11672
Modified:
data/CVE/list
Log:
- CVE-2008-6505 doesn't affect struts in Debian
- NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-04-20 21:14:20 UTC (rev 11671)
+++ data/CVE/list 2009-04-20 21:57:47 UTC (rev 11672)
@@ -11,15 +11,15 @@
CVE-2009-1336
RESERVED
CVE-2009-1335 (Microsoft Internet Explorer 7 and 8 on Windows XP and Vista allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2009-1334 (Cross-site scripting (XSS) vulnerability in login/FilepathLogin.html ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Continuous Data Protection
CVE-2009-1333 (Cross-site scripting (XSS) vulnerability in refresh_rate.htm in the ...)
- TODO: check
+ NOT-FOR-US: HP Deskjet
CVE-2009-1332 (The Online Help feature in Sun Java System Directory Server 5.2 and ...)
- TODO: check
+ NOT-FOR-US: Sun Java System Directory Server
CVE-2009-1331 (Integer overflow in Microsoft Windows Media Player (WMP) ...)
- TODO: check
+ NOT-FOR-US: Windows Media Player
CVE-2009-XXXX [linux-2.6: /dev/mem rootkit vulnerability]
- linux-2.6 2.6.29-1 (low; bug #524373)
NOTE: according to the kernel team (see bug report), they have no interest in backporting a
@@ -1245,7 +1245,8 @@
CVE-2008-6507 (Unspecified vulnerability in phpBB before 3.0.4 allows attackers to ...)
- phpbb3 3.0.2-4
CVE-2008-6505 (Multiple directory traversal vulnerabilities in Apache Struts 2.0.x ...)
- TODO: check
+ - libstruts1.2-java <not-affected> (Vulnerable code not present)
+ NOTE: looks like this was introduced in 2.x, see upstream trunk r688095
CVE-2008-6504 (ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and ...)
NOT-FOR-US: OpenSymphony XWork
CVE-2009-1040 (Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote ...)
More information about the Secure-testing-commits
mailing list