[Secure-testing-commits] r12597 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Sat Aug 15 01:58:35 UTC 2009


Author: gilbert-guest
Date: 2009-08-15 01:58:35 +0000 (Sat, 15 Aug 2009)
New Revision: 12597

Modified:
   data/CVE/list
Log:
present kernels not affected by CVE-2009-6514 (thanks to Moritz for checking)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-08-14 21:14:15 UTC (rev 12596)
+++ data/CVE/list	2009-08-15 01:58:35 UTC (rev 12597)
@@ -23949,10 +23949,8 @@
 CVE-2007-6508 (Directory traversal vulnerability in view.php in xeCMS 1.0 allows ...)
 	NOT-FOR-US: xeCMS
 CVE-2007-6514 (Apache HTTP Server, when running on Linux with a document root on a ...)
-	- linux-2.6 <unfixed> (low; bug #529318)
-	NOTE: While labeled as an Apache flaw, this needs to be fixed in smbfs
-	NOTE: This is likely already fixed in recent kernels, but we need to pin point a fixed version
-	NOTE: Low urgency since the worst that can happen is exposure of php (or other script) code that was intended to be kept secret from remote http users
+	- linux-2.6 <not-affected> (fix committed before 2.6.18; bug #529318)
+	- linux-2.6.24 <not-affected> (fix committed before 2.6.18)
 CVE-2007-XXXX [venkman preinst symlink dos]
 	- venkman 0.9.87.2-1 (bug #456520)
 	[lenny] - venkman <not-affected> (Vulnerable code not present)




More information about the Secure-testing-commits mailing list