[Secure-testing-commits] r13460 - data/CVE

Steffen Joeris white at alioth.debian.org
Sun Dec 6 07:19:54 UTC 2009


Author: white
Date: 2009-12-06 07:19:50 +0000 (Sun, 06 Dec 2009)
New Revision: 13460

Modified:
   data/CVE/list
Log:
merkaartor CVEified

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-06 07:15:38 UTC (rev 13459)
+++ data/CVE/list	2009-12-06 07:19:50 UTC (rev 13460)
@@ -6,8 +6,6 @@
 	NOT-FOR-US: Adobe Illustrator
 CVE-2009-4194 (Directory traversal vulnerability in Golden FTP Server 4.30 Free and ...)
 	NOT-FOR-US: Golden FTP
-CVE-2009-4193 (Merkaartor 0.14 allows local users to append data to arbitrary files ...)
-	TODO: check
 CVE-2009-4192 (Directory traversal vulnerability in dialog/file_manager.php in ...)
 	NOT-FOR-US: Interspire Knowledge Manager
 CVE-2009-4191 (Unspecified vulnerability in the kernel in Sun Solaris 10 and ...)
@@ -2023,8 +2021,8 @@
 	NOT-FOR-US: Oracle E-Business Suite
 CVE-2009-3392 (Unspecified vulnerability in the Agile Engineering Data Management ...)
 	NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-XXXX [merkaartor merkaartor.log minor symlink attack]
-	- merkaartor 0.14+svnfixes~20090912-2 (unimportant; bug #548546)
+CVE-2009-4193 [merkaartor merkaartor.log minor symlink attack]
+	- merkaartor 0.14+svnfixes~20090912-2 (low; bug #548546)
 	[lenny] - merkaartor <not-affected> (vulnerable code not present)
 	NOTE: does not run as root so minor issue.
 CVE-2009-XXXX [amsn SSL verification vuln]




More information about the Secure-testing-commits mailing list