[Secure-testing-commits] r12375 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Sat Jul 18 09:14:32 UTC 2009
Author: joeyh
Date: 2009-07-18 09:14:29 +0000 (Sat, 18 Jul 2009)
New Revision: 12375
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-07-18 08:57:33 UTC (rev 12374)
+++ data/CVE/list 2009-07-18 09:14:29 UTC (rev 12375)
@@ -1501,6 +1501,7 @@
{DSA-1834-1}
- apache2 2.2.11-7 (medium; bug #534712)
CVE-2009-1890 (The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy ...)
+ {DSA-1834-1}
- apache2 2.2.11-7 (medium; bug #536718)
[etch] - apache2 <not-affected> (bug introduced in 2.2.5)
[lenny] - apache2-mpm-itk 2.2.6-02-1+lenny2
@@ -3854,6 +3855,7 @@
CVE-2009-1190 (Algorithmic complexity vulnerability in the ...)
NOT-FOR-US: Spring Framework
CVE-2009-1189 (The _dbus_validate_signature_with_reason function ...)
+ {DSA-1837-1}
- dbus 1.2.14-1 (high; bug #532720)
NOTE: remote signature spoofing possible, and this was supposed to be
NOTE: originally fixed with the updates for CVE-2008-3834
More information about the Secure-testing-commits
mailing list