[Secure-testing-commits] r11404 - in data: . CVE

[jmm-guest at alioth.debian.org]

Author: jmm-guest
Date: 2009-03-15 13:34:15 +0000 (Sun, 15 Mar 2009)
New Revision: 11404

Modified:
   data/CVE/list
   data/ospu-candidates.txt
   data/spu-candidates.txt
Log:
kaya no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-03-15 13:27:54 UTC (rev 11403)
+++ data/CVE/list	2009-03-15 13:34:15 UTC (rev 11404)
@@ -116,6 +116,8 @@
 	NOT-FOR-US: Joomla
 CVE-2008-6428 (The CGI framework in Kaya 0.4.0 allows remote attackers to inject ...)
 	- kaya 0.4.2-1 (low)
+	[lenny] - kaya <no-dsa> (Minor issue)
+	[etch] - kaya <no-dsa> (Minor issue)
 	NOTE: the fix checks with a regex for malicious characters in the HTTP header, see CGI.k changes
 CVE-2008-6427 (SQL injection vulnerability in index.php in Hivemaker Professional ...)
 	NOT-FOR-US: Hivemaker Professional
@@ -371,7 +373,6 @@
 	{DSA-1741-1}
 	- psi 0.12.1-1 (low; bug #518468)
 	[etch] - psi <not-affected> (Vulnerable code not present)
-	NOTE: http://jolmos.blogspot.com/2008/12/psi-remote-integer-overflow.html
 CVE-2009-0752 (Unspecified vulnerability in Movable Type Pro and Community Solution ...)
 	- movabletype-opensource <not-affected> (bug #518469)
 	NOTE: http://www.sixapart.com/pipermail/mtos-dev/2009-March/002677.html

Modified: data/ospu-candidates.txt
===================================================================
--- data/ospu-candidates.txt	2009-03-15 13:27:54 UTC (rev 11403)
+++ data/ospu-candidates.txt	2009-03-15 13:34:15 UTC (rev 11404)
@@ -264,6 +264,10 @@
 
 --
 
+kaya (CVE-2008-6428)
+
+--
+
 konwert (CVE-2008-4964)
 #496379
 notified maintainer

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2009-03-15 13:27:54 UTC (rev 11403)
+++ data/spu-candidates.txt	2009-03-15 13:34:15 UTC (rev 11404)
@@ -10,6 +10,10 @@
 
 --
 
+kaya (CVE-2008-6428)
+
+--
+
 mpfr (CVE-2009-0757)
 
 --