[Secure-testing-commits] r12241 - data/CVE

[Nico Golde]

Author: nion
Date: 2009-07-01 17:50:06 +0000 (Wed, 01 Jul 2009)
New Revision: 12241

Modified:
   data/CVE/list
Log:
new cve id for incomplete mapserver fix

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-07-01 11:17:19 UTC (rev 12240)
+++ data/CVE/list	2009-07-01 17:50:06 UTC (rev 12241)
@@ -1,3 +1,6 @@
+CVE-2009-2281 [Heap-based buffer underflow in the readPostBody function in cgiutil.c ...]
+	- mapserver <unfixed> (medium; bug #535340)
+	NOTE: http://www.openwall.com/lists/oss-security/2009/06/22/2
 CVE-2009-2265
 	RESERVED
 CVE-2009-2264
@@ -4332,7 +4335,7 @@
 CVE-2009-0841 (Directory traversal vulnerability in mapserv.c in mapserv in MapServer ...)
 	- mapserver 5.2.2-1 (low; bug #523027)
 CVE-2009-0840 (Heap-based buffer underflow in the readPostBody function in cgiutil.c ...)
-	- mapserver <unfixed> (medium; bug #523027)
+	- mapserver 5.2.2-1 (medium; bug #523027)
 	NOTE: http://www.openwall.com/lists/oss-security/2009/06/22/2
 CVE-2009-0839 (Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x ...)
 	- mapserver 5.2.2-1 (medium; bug #523027)