[Secure-testing-commits] r13691 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Dec 31 21:14:27 UTC 2009
Author: joeyh
Date: 2009-12-31 21:14:26 +0000 (Thu, 31 Dec 2009)
New Revision: 13691
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-12-31 17:09:22 UTC (rev 13690)
+++ data/CVE/list 2009-12-31 21:14:26 UTC (rev 13691)
@@ -942,6 +942,7 @@
CVE-2009-4137 (The loadContentFromCookie function in core/Cookie.php in Piwik before ...)
- piwik <itp> (bug #506933)
CVE-2009-4136 (PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before ...)
+ {DSA-1964-1}
- postgresql-7.4 <removed>
- postgresql-8.1 <removed>
- postgresql-8.2 <removed>
@@ -1198,6 +1199,7 @@
NOTE: Was fixed somewhere between 0.4.5 and 0.5.1
NOTE: swftools probably not affected
CVE-2009-4034 (PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before ...)
+ {DSA-1964-1}
- postgresql-7.4 <removed>
- postgresql-8.1 <removed>
- postgresql-8.2 <removed>
@@ -2627,7 +2629,7 @@
CVE-2009-3561 (Directory traversal vulnerability in Xerver HTTP Server 4.32 allows ...)
NOT-FOR-US: Xerver HTTP Server
CVE-2009-3560 (The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, ...)
- {DSA-1953-1}
+ {DSA-1953-2 DSA-1953-1}
- expat 2.0.1-6 (low; bug #560901)
TODO: reissue DSA due to regression in perl xml parser. see http://mail.libexpat.org/pipermail/expat-discuss/2009-December/002644.html (new patch not yet available).
- w3c-libwww <removed>
More information about the Secure-testing-commits
mailing list