[Secure-testing-commits] r13470 - in data: . CVE

[Michael Gilbert]

Author: gilbert-guest
Date: 2009-12-07 00:40:51 +0000 (Mon, 07 Dec 2009)
New Revision: 13470

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
info for wordpress and jetty issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-07 00:40:39 UTC (rev 13469)
+++ data/CVE/list	2009-12-07 00:40:51 UTC (rev 13470)
@@ -19360,7 +19360,7 @@
 	RESERVED
 CVE-2008-3632 (Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through ...)
 	- webkit 1.0.1-4 (bug #499771)
-	TODO: check other packages using webkit
+	TODO: check qt4-x11, kdelibs, and kde4libs
 CVE-2008-3631 (Application Sandbox in Apple iPod touch 2.0 through 2.0.2, and iPhone ...)
 	NOT-FOR-US: Apple iPod
 CVE-2008-3630 (mDNSResponder in Apple Bonjour for Windows before 1.0.5, when an ...)
@@ -27785,9 +27785,9 @@
 CVE-2007-6673 (Cross-site scripting (XSS) vulnerability in Makale Scripti allows ...)
 	NOT-FOR-US: Makale Scripti
 CVE-2007-6672 (Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass ...)
-	- jetty <not-affected> (medium; bug #462793)
+	- jetty <not-affected> (medium; bug #462793; bug #559765)
 	NOTE: only applies to version >= 6
-	TODO: check if version >= 6 is uploaded
+	TODO: maintainer checking on status; follow up
 CVE-2007-6671 (SQL injection vulnerability in login_form.asp in Instant Softwares ...)
 	NOT-FOR-US: Instant Softwares Dating Site
 CVE-2007-6670 (SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows ...)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2009-12-07 00:40:39 UTC (rev 13469)
+++ data/embedded-code-copies	2009-12-07 00:40:51 UTC (rev 13470)
@@ -1503,3 +1503,6 @@
 
 vamp-plugin-sdk
 	- audacity <unfixed> (embed)
+
+wordpress
+	- libwordpress-xmlrpc-perl <unfixed> (embed) [./xmlrpc.php]