[Secure-testing-commits] r11676 - data/CVE

Raphael Geissert atomo64-guest at alioth.debian.org
Tue Apr 21 17:54:51 UTC 2009 

Author: atomo64-guest
Date: 2009-04-21 17:54:51 +0000 (Tue, 21 Apr 2009)
New Revision: 11676

Modified:
   data/CVE/list
Log:
NFUs, three geronimo (RFP) issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-04-21 10:54:12 UTC (rev 11675)
+++ data/CVE/list	2009-04-21 17:54:51 UTC (rev 11676)
@@ -383,7 +383,7 @@
 CVE-2009-1245 (Multiple SQL injection vulnerabilities in the insert_to_pastebin ...)
 	NOT-FOR-US: CCCP Community Clan Portal Pastebin
 CVE-2009-1244 (Unspecified vulnerability in the virtual machine display function in ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2009-1243 (net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an ...)
 	- linux-2.6 <not-affected> (Issue was introduced after 2.6.27 release)
 	- linux-2.6.24 <not-affected> (Issue was introduced after 2.6.27 release)
@@ -5531,9 +5531,9 @@
 	- pngcrush 1.6.15-1
 	- libpng 1.2.35-1 (bug #516256)
 CVE-2009-0039 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
-	TODO: check
+	- geronimo <itp> (bug #481869)
 CVE-2009-0038 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
-	TODO: check
+	- geronimo <itp> (bug #481869)
 CVE-2009-0037 (The redirect implementation in curl and libcurl 5.11 through 7.19.3, ...)
 	{DSA-1738-1}
 	- curl 7.18.2-8.1 (bug #518423)
@@ -5771,7 +5771,7 @@
 CVE-2008-5519 (The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat ...)
 	- tomcat5.5 <unfixed>
 CVE-2008-5518 (Multiple directory traversal vulnerabilities in the web administration ...)
-	TODO: check
+	- geronimo <itp> (bug #481869)
 CVE-2008-5517 (The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote ...)
 	{DSA-1708-1}
 	- git-core 1:1.5.6.5-2 (low; bug #512330)
@@ -16549,7 +16549,7 @@
 	[etch] - evolution <no-dsa> (Minor issue)
 	NOTE: Requires that the ITip Formatter plugin is disabled, which is enabled by default.
 CVE-2008-1107 (Multiple stack-based buffer overflows in the Danske Bank e-Sec Control ...)
-	TODO: check
+	NOT-FOR-US: Danske Bank e-Sec Control Module
 CVE-2008-1106 (The management interface in Akamai Client (formerly Red Swoosh) 3322 ...)
 	NOT-FOR-US: Akamai Client
 CVE-2008-1105 (Heap-based buffer overflow in the receive_smb_raw function in ...)

More information about the Secure-testing-commits mailing list