[Secure-testing-commits] r13329 - in data: CVE DSA

Raphael Geissert geissert at alioth.debian.org
Fri Nov 20 18:02:21 UTC 2009


Author: geissert
Date: 2009-11-20 18:02:17 +0000 (Fri, 20 Nov 2009)
New Revision: 13329

Modified:
   data/CVE/list
   data/DSA/list
Log:
one new nginx issue, another one CVEified


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-11-20 17:50:07 UTC (rev 13328)
+++ data/CVE/list	2009-11-20 18:02:17 UTC (rev 13329)
@@ -1,3 +1,7 @@
+CVE-2009-XXXX [ngingx webdav directory traversal]
+	- nginx <unfixed> (low)
+	TODO: check
+	NOTE: http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0379.html
 CVE-2009-XXXX [dovecot 0777 base_dir creation]
 	- dovecot <unfixed> (medium)
 	NOTE: http://www.dovecot.org/list/dovecot-news/2009-November/000143.html

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2009-11-20 17:50:07 UTC (rev 13328)
+++ data/DSA/list	2009-11-20 18:02:17 UTC (rev 13329)
@@ -55,6 +55,7 @@
 	[etch] - expat 1.95.8-3.4+etch1
 	[lenny] - expat 2.0.1-4+lenny1
 [26 Oct 2009] DSA-1920-1 nginx - denial of service
+	{CVE-2009-3896}
 	[etch] - nginx 0.4.13-2+etch3
 	[lenny] - nginx 0.6.32-3+lenny3
 [25 Oct 2009] DSA-1919-1 smarty - several vulnerabilities




More information about the Secure-testing-commits mailing list