[Secure-testing-commits] r12567 - in data: . CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Tue Aug 11 19:20:39 UTC 2009
Author: gilbert-guest
Date: 2009-08-11 19:20:39 +0000 (Tue, 11 Aug 2009)
New Revision: 12567
Modified:
data/CVE/list
data/ospu-candidates.txt
data/spu-candidates.txt
Log:
wordpress issue is an spu/ospu candidate
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-08-11 18:43:00 UTC (rev 12566)
+++ data/CVE/list 2009-08-11 19:20:39 UTC (rev 12567)
@@ -1,8 +1,11 @@
CVE-2009-XXXX [wordpress password reset]
- - wordpress <unfixed> (unimportant; bug #541102)
+ - wordpress <unfixed> (low; bug #541102)
[lenny] - wordpress <no-dsa> (Minor issue)
[etch] - wordpress <no-dsa> (Minor issue)
NOTE: not really a security issue in my opinion, just an annoying bug
+ NOTE: attacker can gain access to wordpress accounts, which is undesirable,
+ NOTE: but not horribly useful or bad for the rest of the system
+ NOTE: this is targeted to be fixed in stable point releases
CVE-2009-XXXX [libxerces2-java: xml-based firewall bypass / port scanning]
- libxerces2-java <unfixed> (low; bug #540862)
[etch] - libxerces2-java <no-dsa> (minor issue)
Modified: data/ospu-candidates.txt
===================================================================
--- data/ospu-candidates.txt 2009-08-11 18:43:00 UTC (rev 12566)
+++ data/ospu-candidates.txt 2009-08-11 19:20:39 UTC (rev 12567)
@@ -718,6 +718,12 @@
--
+wordpress
+bug #541102
+notified maintainer
+
+--
+
wyrd (CVE-2008-0806)
bug #466382
notified maintainer
Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2009-08-11 18:43:00 UTC (rev 12566)
+++ data/spu-candidates.txt 2009-08-11 19:20:39 UTC (rev 12567)
@@ -196,6 +196,12 @@
--
+wordpress
+bug #541102
+notified maintainer
+
+--
+
xemacs21 (CVE-2008-2142)
bug #480877
notified maintainer
More information about the Secure-testing-commits
mailing list