[Secure-testing-commits] r13078 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Fri Oct 23 16:10:40 UTC 2009
Author: gilbert-guest
Date: 2009-10-23 16:10:30 +0000 (Fri, 23 Oct 2009)
New Revision: 13078
Modified:
data/CVE/list
Log:
mahara maintainer sent an email stating that versions <1.1 are not affected by cve-2009-2171
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-23 15:58:44 UTC (rev 13077)
+++ data/CVE/list 2009-10-23 16:10:30 UTC (rev 13078)
@@ -4943,7 +4943,7 @@
- mahara 1.1.5-1 (low)
CVE-2009-2171 (Mahara 1.1 before 1.1.5 does not apply permission checks when saving a ...)
- mahara 1.1.5-1 (low)
- [lenny] - mahara <no-dsa> (Minor issue)
+ [lenny] - mahara <not-affected> (vulnerable code introduced in 1.1)
CVE-2009-2120 (Multiple SQL injection vulnerabilities in TekBase All-in-One 3.1 allow ...)
NOT-FOR-US: TekBase
CVE-2009-2119 (Cross-site scripting (XSS) vulnerability in the login interface ...)
More information about the Secure-testing-commits
mailing list