[Secure-testing-commits] r13115 - in data: CVE DSA
Michael Gilbert
gilbert-guest at alioth.debian.org
Wed Oct 28 15:08:18 UTC 2009
Author: gilbert-guest
Date: 2009-10-28 15:08:18 +0000 (Wed, 28 Oct 2009)
New Revision: 13115
Modified:
data/CVE/list
data/DSA/list
Log:
expat got a separate cve id
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-28 14:48:10 UTC (rev 13114)
+++ data/CVE/list 2009-10-28 15:08:18 UTC (rev 13115)
@@ -203,8 +203,12 @@
RESERVED
CVE-2009-3721
RESERVED
-CVE-2009-3720
+CVE-2009-3720 [expat: dos]
RESERVED
+ - expat <unfixed> (medium; bug #551936)
+ - w3c-libwww <unfixed> (low; bug #551938)
+ [etch] - w3c-libwww <no-dsa> (Minor issue, only used by fringe apps)
+ - python-xml <unfixed> (medium; bug #551939)
CVE-2009-3719 (Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog ...)
NOT-FOR-US: Battle Blog
CVE-2009-3718 (SQL injection vulnerability in admin/authenticate.asp in Battle Blog ...)
@@ -3755,10 +3759,6 @@
- sun-java6 6-15-1
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
- - expat <unfixed> (medium; bug #551936)
- - w3c-libwww <unfixed> (low; bug #551938)
- [etch] - w3c-libwww <no-dsa> (Minor issue, only used by fringe apps)
- - python-xml <unfixed> (medium; bug #551939)
CVE-2009-2624
RESERVED
CVE-2009-2623
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2009-10-28 14:48:10 UTC (rev 13114)
+++ data/DSA/list 2009-10-28 15:08:18 UTC (rev 13115)
@@ -1,5 +1,5 @@
[28 Oct 2009] DSA-1921-1 expat - denial of service
- {CVE-2009-2625}
+ {CVE-2009-3720}
[etch] - expat 1.95.8-3.4+etch1
[lenny] - expat 2.0.1-4+lenny1
[26 Oct 2009] DSA-1920-1 nginx - denial of service
More information about the Secure-testing-commits
mailing list