[Secure-testing-commits] r11264 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Wed Feb 25 09:14:19 UTC 2009
Author: joeyh
Date: 2009-02-25 09:14:17 +0000 (Wed, 25 Feb 2009)
New Revision: 11264
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-02-25 07:36:13 UTC (rev 11263)
+++ data/CVE/list 2009-02-25 09:14:17 UTC (rev 11264)
@@ -1,9 +1,9 @@
CVE-2009-XXXX [thunar: potential exploits via application launchers]
- - thunar <unfixed> (bug #517020; low)
- NOTE: CVE needs to be requested
+ - thunar <unfixed> (bug #517020; low)
+ NOTE: CVE needs to be requested
CVE-2009-XXXX [debian-installer: no-root option in expert installer exposes locally exploitable security flaw]
- - debian-installer <unfixed> (bug #517018; low)
- NOTE: should a CVE be requested for this problem?
+ - debian-installer <unfixed> (bug #517018; low)
+ NOTE: should a CVE be requested for this problem?
CVE-2009-XXXX [Http double slash request arbitrary file access vulnerability in mldonkey]
- mldonkey <unfixed> (bug #516829; medium)
NOTE: daemon is run as non-root and can only be exploited via localhost
@@ -536,7 +536,7 @@
CVE-2008-6107 (The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, ...)
- linux-2.6 <unfixed> (low)
- linux-2.6.24 <removed>
- NOTE: should this be considered a problem in lenny/squeeze/sid since description says that the problem applies to kernels before 2.6.25.4?
+ NOTE: should this be considered a problem in lenny/squeeze/sid since description says that the problem applies to kernels before 2.6.25.4?
CVE-2008-6106 (Cross-site request forgery (CSRF) vulnerability in IBM Workplace for ...)
NOT-FOR-US: IBM Workplace for Business Controls
CVE-2008-6105 (Cross-site scripting (XSS) vulnerability in IBM Workplace for Business ...)
More information about the Secure-testing-commits
mailing list