[Secure-testing-commits] r12168 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Fri Jun 19 18:13:13 UTC 2009
Author: gilbert-guest
Date: 2009-06-19 18:13:12 +0000 (Fri, 19 Jun 2009)
New Revision: 12168
Modified:
data/CVE/list
Log:
bug submitted for CVE-2009-2042
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-06-19 18:07:55 UTC (rev 12167)
+++ data/CVE/list 2009-06-19 18:13:12 UTC (rev 12168)
@@ -155,7 +155,8 @@
TODO: check when MFSA is issued
- xulrunner <unfixed> (low)
CVE-2009-2042 (libpng before 1.2.37 does not properly parse 1-bit interlaced images ...)
- - libpng 1.2.37-1 (low)
+ - libpng 1.2.37-1 (medium; bug #533676)
+ NOTE: medium-urgency since possibly remotely exploitable
CVE-2009-2041 (Cross-site scripting (XSS) vulnerability in A51 D.O.O. activeCollab ...)
NOT-FOR-US: activeCollab
CVE-2009-2040 (admin/options.php in Grestul 1.2 does not properly restrict access, ...)
More information about the Secure-testing-commits
mailing list