[Secure-testing-commits] r12170 - data/CVE

[Nico Golde]

Author: nion
Date: 2009-06-19 19:28:04 +0000 (Fri, 19 Jun 2009)
New Revision: 12170

Modified:
   data/CVE/list
Log:
adjust impact of CVE-2009-2042, rather obscure "exploit" scenario

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-06-19 19:09:20 UTC (rev 12169)
+++ data/CVE/list	2009-06-19 19:28:04 UTC (rev 12170)
@@ -156,8 +156,7 @@
 	TODO: check when MFSA is issued
 	- xulrunner <unfixed> (low)
 CVE-2009-2042 (libpng before 1.2.37 does not properly parse 1-bit interlaced images ...)
-	- libpng 1.2.37-1 (medium; bug #533676)
-	NOTE: medium-urgency since possibly remotely exploitable
+	- libpng 1.2.37-1 (low; bug #533676)
 CVE-2009-2041 (Cross-site scripting (XSS) vulnerability in A51 D.O.O. activeCollab ...)
 	NOT-FOR-US: activeCollab
 CVE-2009-2040 (admin/options.php in Grestul 1.2 does not properly restrict access, ...)