[Secure-testing-commits] r11286 - data/CVE
gilbert-guest at alioth.debian.org
gilbert-guest at alioth.debian.org
Sun Mar 1 04:27:43 UTC 2009
Author: gilbert-guest
Date: 2009-03-01 04:27:43 +0000 (Sun, 01 Mar 2009)
New Revision: 11286
Modified:
data/CVE/list
Log:
marking webkit cookie issue low severity since the libraries in debian are not yet new enough to support webkit's cookies (libsoup > 2.25.2 is required, which is in experimental, but not yet in unstable)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-03-01 04:09:52 UTC (rev 11285)
+++ data/CVE/list 2009-03-01 04:27:43 UTC (rev 11286)
@@ -1179,7 +1179,7 @@
CVE-2008-6060 (Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary ...)
NOT-FOR-US: InfoSoft FusionCharts
CVE-2008-6059 (xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not ...)
- - webkit <unfixed> (bug #516555)
+ - webkit <unfixed> (bug #516555; low)
CVE-2008-6058 (Syslserve 1.058 and earlier, and probably 1.059, allows remote ...)
NOT-FOR-US: Syslserve
CVE-2008-6057 (Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under ...)
More information about the Secure-testing-commits
mailing list