[Secure-testing-commits] r13008 - in data: CVE DSA
Nico Golde
nion at alioth.debian.org
Wed Oct 14 01:59:08 UTC 2009
Author: nion
Date: 2009-10-14 01:59:08 +0000 (Wed, 14 Oct 2009)
New Revision: 13008
Modified:
data/CVE/list
data/DSA/list
Log:
django cve id revised by redhat because of dupe assignment
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-13 21:14:23 UTC (rev 13007)
+++ data/CVE/list 2009-10-14 01:59:08 UTC (rev 13008)
@@ -1,5 +1,9 @@
CVE-2009-3695 (Algorithmic complexity vulnerability in the forms library in Django ...)
- TODO: check
+ RESERVED
+ {DSA-1905-1}
+ - python-django 1.1.1-1 (medium; bug #550457)
+ [etch] - python-django <not-affected> (introduced in 1.0)
+ [lenny] - python-django 1.0.2-1+lenny2
CVE-2009-3694 (Directory traversal vulnerability in config/config.php in ezRecipe-Zee ...)
TODO: check
CVE-2009-3693 (Directory traversal vulnerability in the Persits.XUpload.2 ActiveX ...)
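Review bot: The added `RESERVED` line under CVE-2009-3695 looks carried over from the old CVE-2009-3610 block and does not fit this entry. The header line here already has a parenthesised description ("Algorithmic complexity vulnerability in the forms library in Django ..."), while the block it was copied from had only a bracketed working title, which suggests the id is no longer merely reserved. Suggest dropping `RESERVED` and keeping the `{DSA-1905-1}` cross-reference and the three python-django lines as they are.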
@@ -224,12 +228,6 @@
CVE-2009-3602 (Unbound before 1.3.4 does not properly verify signatures for NSEC3 ...)
- unbound <unfixed> (low)
NOTE: http://unbound.net/pipermail/unbound-users/2009-October/000852.html
-CVE-2009-3610 [possible DoS in django caused by regex starving resources]
- RESERVED
- {DSA-1905-1}
- - python-django 1.1.1-1 (medium; bug #550457)
- [etch] - python-django <not-affected> (introduced in 1.0)
- [lenny] - python-django 1.0.2-1+lenny2
CVE-2009-3601 (Cross-site scripting (XSS) vulnerability in demo_page.php in Scriptsez ...)
NOT-FOR-US: Scriptsez Ultimate Poll
CVE-2009-3600 (HUBScript 1.0 allows remote attackers to obtain configuration ...)
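Review bot: Removing the whole CVE-2009-3610 block leaves nothing in this file that ties the Django issue to the id it was first tracked under. Someone arriving with the old id has no way to reach CVE-2009-3695 from here. Suggest recording the earlier id on the CVE-2009-3695 entry, for example with a `NOTE:` line in the same style as the one under CVE-2009-3602.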
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2009-10-13 21:14:23 UTC (rev 13007)
+++ data/DSA/list 2009-10-14 01:59:08 UTC (rev 13008)
@@ -2,7 +2,7 @@
{CVE-2008-5714 CVE-2009-3290}
[lenny] - kvm 72+dfsg-5~lenny3
[10 Oct 2009] DSA-1905-1 python-django - denial of service
- {CVE-2009-3610}
+ {CVE-2009-3695}
[lenny] - python-django 1.0.2-1+lenny2
[09 Oct 2009] DSA-1895-2 opensaml2, shibboleth-sp2 - interpretation conflict
{CVE-2009-3474 CVE-2009-3475 CVE-2009-3476}
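Review bot: The commit log names neither id involved in the `{CVE-2009-3610}` to `{CVE-2009-3695}` swap on the DSA-1905-1 entry, so searching history for either number will not find this revision by its message. Suggest stating both ids in the log. The new cross-reference itself is consistent with the `{DSA-1905-1}` line added in data/CVE/list.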