[Secure-testing-commits] r11676 - data/CVE
Raphael Geissert
atomo64-guest at alioth.debian.org
Tue Apr 21 17:54:51 UTC 2009
Author: atomo64-guest
Date: 2009-04-21 17:54:51 +0000 (Tue, 21 Apr 2009)
New Revision: 11676
Modified:
data/CVE/list
Log:
NFUs, three geronimo (RFP) issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-04-21 10:54:12 UTC (rev 11675)
+++ data/CVE/list 2009-04-21 17:54:51 UTC (rev 11676)
@@ -383,7 +383,7 @@
CVE-2009-1245 (Multiple SQL injection vulnerabilities in the insert_to_pastebin ...)
NOT-FOR-US: CCCP Community Clan Portal Pastebin
CVE-2009-1244 (Unspecified vulnerability in the virtual machine display function in ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2009-1243 (net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an ...)
- linux-2.6 <not-affected> (Issue was introduced after 2.6.27 release)
- linux-2.6.24 <not-affected> (Issue was introduced after 2.6.27 release)
@@ -5531,9 +5531,9 @@
- pngcrush 1.6.15-1
- libpng 1.2.35-1 (bug #516256)
CVE-2009-0039 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
- TODO: check
+ - geronimo <itp> (bug #481869)
CVE-2009-0038 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
- TODO: check
+ - geronimo <itp> (bug #481869)
CVE-2009-0037 (The redirect implementation in curl and libcurl 5.11 through 7.19.3, ...)
{DSA-1738-1}
- curl 7.18.2-8.1 (bug #518423)
@@ -5771,7 +5771,7 @@
CVE-2008-5519 (The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat ...)
- tomcat5.5 <unfixed>
CVE-2008-5518 (Multiple directory traversal vulnerabilities in the web administration ...)
- TODO: check
+ - geronimo <itp> (bug #481869)
CVE-2008-5517 (The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote ...)
{DSA-1708-1}
- git-core 1:1.5.6.5-2 (low; bug #512330)
@@ -16549,7 +16549,7 @@
[etch] - evolution <no-dsa> (Minor issue)
NOTE: Requires that the ITip Formatter plugin is disabled, which is enabled by default.
CVE-2008-1107 (Multiple stack-based buffer overflows in the Danske Bank e-Sec Control ...)
- TODO: check
+ NOT-FOR-US: Danske Bank e-Sec Control Module
CVE-2008-1106 (The management interface in Akamai Client (formerly Red Swoosh) 3322 ...)
NOT-FOR-US: Akamai Client
CVE-2008-1105 (Heap-based buffer overflow in the receive_smb_raw function in ...)
More information about the Secure-testing-commits
mailing list