[Secure-testing-commits] r12444 - data/CVE

Wed Jul 29 11:54:04 UTC 2009

Author: nion
Date: 2009-07-29 11:54:04 +0000 (Wed, 29 Jul 2009)
New Revision: 12444

Modified:
   data/CVE/list
Log:
CVE-2009-1524, CVE-2009-1523, CVE-2007-5615, CVE-2007-5614, CVE-2007-5613 fixed in jetty 6.1.19-1

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2009-07-29 10:14:43 UTC (rev 12443)
+++ data/CVE/list	2009-07-29 11:54:04 UTC (rev 12444)
@@ -2881,11 +2881,9 @@
 CVE-2009-1525 (CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote ...)
 	NOT-FOR-US: Directadmin
 CVE-2009-1524 (Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before ...)
-	- jetty <unfixed> (low; bug #527571)
-	NOTE: Fixed in experimental
+	- jetty 6.1.19-1 (low; bug #527571)
 CVE-2009-1523 (Directory traversal vulnerability in the HTTP server in Mort Bay Jetty ...)
-	- jetty <unfixed> (low; bug #528389)
-	NOTE: Fixed in experimental
+	- jetty 6.1.19-1 (low; bug #528389)
 CVE-2009-1522 (The IBM Tivoli Storage Manager (TSM) client 5.5.0.0 through 5.5.1.17 ...)
 	NOT-FOR-US: Tivoli
 CVE-2009-1521 (Unspecified vulnerability in the Java GUI in the IBM Tivoli Storage ...)
@@ -25986,11 +25984,11 @@
 CVE-2007-5616 (ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x ...)
 	NOT-FOR-US: SSH Tectia Client and Server
 CVE-2007-5615 (CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows ...)
-	- jetty <unfixed> (low; bug #454529)
+	- jetty 6.1.19-1 (low; bug #454529)
 CVE-2007-5614 (Mortbay Jetty before 6.1.6rc1 does not properly handle &quot;certain quote ...)
-	- jetty <unfixed> (low; bug #454529)
+	- jetty 6.1.19-1 (low; bug #454529)
 CVE-2007-5613 (Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay ...)
-	- jetty <unfixed> (low; bug #454529)
+	- jetty 6.1.19-1 (low; bug #454529)
 CVE-2007-5612 (CIM Server in IBM Director 5.20.1 and earlier allows remote attackers ...)
 	NOT-FOR-US: IBM Director
 CVE-2007-5611


