[Secure-testing-commits] r13329 - in data: CVE DSA
Raphael Geissert
geissert at alioth.debian.org
Fri Nov 20 18:02:21 UTC 2009
Author: geissert
Date: 2009-11-20 18:02:17 +0000 (Fri, 20 Nov 2009)
New Revision: 13329
Modified:
data/CVE/list
data/DSA/list
Log:
one new nginx issue, another one CVEified
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-11-20 17:50:07 UTC (rev 13328)
+++ data/CVE/list 2009-11-20 18:02:17 UTC (rev 13329)
@@ -1,3 +1,7 @@
+CVE-2009-XXXX [ngingx webdav directory traversal]
+ - nginx <unfixed> (low)
+ TODO: check
+ NOTE: http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0379.html
CVE-2009-XXXX [dovecot 0777 base_dir creation]
- dovecot <unfixed> (medium)
NOTE: http://www.dovecot.org/list/dovecot-news/2009-November/000143.html
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2009-11-20 17:50:07 UTC (rev 13328)
+++ data/DSA/list 2009-11-20 18:02:17 UTC (rev 13329)
@@ -55,6 +55,7 @@
[etch] - expat 1.95.8-3.4+etch1
[lenny] - expat 2.0.1-4+lenny1
[26 Oct 2009] DSA-1920-1 nginx - denial of service
+ {CVE-2009-3896}
[etch] - nginx 0.4.13-2+etch3
[lenny] - nginx 0.6.32-3+lenny3
[25 Oct 2009] DSA-1919-1 smarty - several vulnerabilities
More information about the Secure-testing-commits
mailing list