[Secure-testing-commits] r12982 - in data: . CVE
Steffen Joeris
white at alioth.debian.org
Sat Oct 10 23:42:52 UTC 2009
Author: white
Date: 2009-10-10 23:42:52 +0000 (Sat, 10 Oct 2009)
New Revision: 12982
Modified:
data/CVE/list
data/package-tags
Log:
Clamav no-dsa(s), not supported anymore
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-10 21:14:18 UTC (rev 12981)
+++ data/CVE/list 2009-10-10 23:42:52 UTC (rev 12982)
@@ -4116,6 +4116,7 @@
NOT-FOR-US: avast! Linux Home Edition
CVE-2008-6845 (The unpack feature in ClamAV 0.93.3 and earlier allows remote ...)
- clamav 0.94.dfsg-1
+ [etch] - clamav <no-dsa> (Support was discontinued)
CVE-2008-6844 (The registration view (/user/register) in eZ Publish 3.5.6 and ...)
NOT-FOR-US: eZ Publish
CVE-2008-6843 (Directory traversal vulnerability in index.php in Fantastico, as used ...)
@@ -4684,6 +4685,7 @@
CVE-2009-XXXX [clamav scanner bypass with archives]
- clamav 0.95.2+dfsg-1 (low; bug #535881)
[lenny] - clamav <no-dsa> (Inherent to the concept of malware concept)
+ [etch] - clamav <no-dsa> (Support was discontinued)
NOTE: http://blog.zoller.lu/2009/05/advisory-clamav-generic-bypass.html
CVE-2009-2073 (Cross-site request forgery (CSRF) vulnerability in Linksys WRT160N ...)
NOT-FOR-US: Linksys
Modified: data/package-tags
===================================================================
--- data/package-tags 2009-10-10 21:14:18 UTC (rev 12981)
+++ data/package-tags 2009-10-10 23:42:52 UTC (rev 12982)
@@ -24,3 +24,6 @@
[sid] vmware-package <unspported> (Only a build script for native upstream tarballs, not supported)
[etch] rails <unsupported> (Unusable, should be removed)
+
+[etch] clamav <unsupported> (No signature updates anymore, should be taken from volatile)
+[lenny] clamav <unsupported> (No signature updates anymore, should be taken from volatile)
More information about the Secure-testing-commits
mailing list