[Secure-testing-commits] r12597 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Sat Aug 15 01:58:35 UTC 2009
Author: gilbert-guest
Date: 2009-08-15 01:58:35 +0000 (Sat, 15 Aug 2009)
New Revision: 12597
Modified:
data/CVE/list
Log:
present kernels not affected by CVE-2009-6514 (thanks to Moritz for checking)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-08-14 21:14:15 UTC (rev 12596)
+++ data/CVE/list 2009-08-15 01:58:35 UTC (rev 12597)
@@ -23949,10 +23949,8 @@
CVE-2007-6508 (Directory traversal vulnerability in view.php in xeCMS 1.0 allows ...)
NOT-FOR-US: xeCMS
CVE-2007-6514 (Apache HTTP Server, when running on Linux with a document root on a ...)
- - linux-2.6 <unfixed> (low; bug #529318)
- NOTE: While labeled as an Apache flaw, this needs to be fixed in smbfs
- NOTE: This is likely already fixed in recent kernels, but we need to pin point a fixed version
- NOTE: Low urgency since the worst that can happen is exposure of php (or other script) code that was intended to be kept secret from remote http users
+ - linux-2.6 <not-affected> (fix committed before 2.6.18; bug #529318)
+ - linux-2.6.24 <not-affected> (fix committed before 2.6.18)
CVE-2007-XXXX [venkman preinst symlink dos]
- venkman 0.9.87.2-1 (bug #456520)
[lenny] - venkman <not-affected> (Vulnerable code not present)
More information about the Secure-testing-commits
mailing list