[Secure-testing-commits] r13501 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Dec 9 09:15:07 UTC 2009
Author: joeyh
Date: 2009-12-09 09:15:02 +0000 (Wed, 09 Dec 2009)
New Revision: 13501
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-12-09 02:40:27 UTC (rev 13500)
+++ data/CVE/list 2009-12-09 09:15:02 UTC (rev 13501)
@@ -320,7 +320,7 @@
- mysql-dfsg-5.1 <unfixed>
- mysql-dfsg-5.0 <removed>
TODO: check
-CVE-2009-4214 [rails insufficient escaping XSS]
+CVE-2009-4214 (Cross-site scripting (XSS) vulnerability in the strip_tags function in ...)
- rails <unfixed> (low; bug #558685)
NOTE: http://groups.google.com/group/rubyonrails-security/browse_thread/thread/4d4f71f2aef4c0ab?pli=1
CVE-2008-XXXX [rails CSRF]
@@ -438,10 +438,12 @@
- mysql-dfsg-5.0 <removed>
TODO: check
CVE-2009-4027 (Race condition in the mac80211 subsystem in the Linux kernel before ...)
+ {DTSA-204-1}
- linux-2.6 2.6.32-1 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.26)
- linux-2.6.24 <not-affected> (introduced in 2.6.26)
CVE-2009-4026 (The mac80211 subsystem in the Linux kernel before ...)
+ {DTSA-204-1}
- linux-2.6 2.6.32-1 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.30)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.30)
@@ -8772,6 +8774,7 @@
RESERVED
CVE-2009-1298 [linux-2.6: ipv4 denial-of-service]
RESERVED
+ {DTSA-204-1}
- linux-2.6 2.6.32-1 (low)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.29)
More information about the Secure-testing-commits
mailing list