[Secure-testing-commits] r11912 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Sun May 17 09:23:16 UTC 2009
Author: derevko-guest
Date: 2009-05-17 09:23:16 +0000 (Sun, 17 May 2009)
New Revision: 11912
Modified:
data/CVE/list
Log:
NFUs
CVE-2008-6560 and CVE-2008-6552 are fixed in redhat-cluster 2.20081102-1 (2.03.09 upstream version)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-16 19:22:18 UTC (rev 11911)
+++ data/CVE/list 2009-05-17 09:23:16 UTC (rev 11912)
@@ -497,11 +497,11 @@
CVE-2009-1467 (Multiple cross-site scripting (XSS) vulnerabilities in IceWarp eMail ...)
NOT-FOR-US: IceWarp
CVE-2009-1466 (Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) ...)
- TODO: check
+ NOT-FOR-US: Application Access Server (A-A-S)
CVE-2009-1465 (Application Access Server (A-A-S) 2.0.48 has "wildbat" as its default ...)
- TODO: check
+ NOT-FOR-US: Application Access Server (A-A-S)
CVE-2009-1464 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Application Access Server (A-A-S)
CVE-2009-1463 (Static code injection vulnerability in razorCMS before 0.4 allows ...)
NOT-FOR-US: razorCMS
CVE-2009-1462 (The Security Manager in razorCMS before 0.4 does not verify the ...)
@@ -1849,9 +1849,10 @@
{DSA-1795-1}
- ldns 1.5.1-1
CVE-2008-6560 (Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on ...)
- - redhat-cluster <unfixed>
+ - redhat-cluster 2.20081102-1
NOTE: This seems like a non-issue, since the config file should be under control
NOTE: of the admin?
+ NOTE: Fixed in 2.03.09 upstream version.
CVE-2008-6559 (Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users ...)
NOT-FOR-US: SCO UnixWare
CVE-2008-6558 (Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ...)
@@ -1867,8 +1868,9 @@
CVE-2008-6553 (microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 ...)
NOT-FOR-US: Micro CMS
CVE-2008-6552 (Red Hat Cluster Project 2.x allows local users to modify or overwrite ...)
- - redhat-cluster <unfixed>
- TODO: File bug
+ - redhat-cluster 2.20081102-1
+ NOTE: Fixed in 2.03.09 upstream version.
+ NOTE: Similar to CVE-2008-4192 and CVE-2008-4579
CVE-2008-6551 (Multiple directory traversal vulnerabilities in e-Vision CMS 2.0.2 and ...)
NOT-FOR-US: e-vision CMS
CVE-2008-6550 (Cross-site scripting (XSS) vulnerability in glossaire.php in Glossaire ...)
More information about the Secure-testing-commits
mailing list