[Secure-testing-commits] r14476 - data/CVE

Giuseppe Iuculano derevko-guest at alioth.debian.org
Wed Apr 14 08:17:45 UTC 2010


Author: derevko-guest
Date: 2010-04-14 08:17:40 +0000 (Wed, 14 Apr 2010)
New Revision: 14476

Modified:
   data/CVE/list
Log:
- CVE-2010-1277 and CVE-2010-0743 fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-04-13 23:26:46 UTC (rev 14475)
+++ data/CVE/list	2010-04-14 08:17:40 UTC (rev 14476)
@@ -159,7 +159,10 @@
 CVE-2010-1278
 	RESERVED
 CVE-2010-1277 (SQL injection vulnerability in the user.authenticate method in the API ...)
-	- zabbix <unfixed> (bug #577058)
+	- zabbix 1:1.8.2-1 (bug #577058)
+	[lenny] - zabbix <not-affected> (vulnerable code not present)
+	[etch] - zabbix <not-affected> (vulnerable code not present)
+	NOTE: This is a bug that was introduced with the Zabbix 1.8 API
 CVE-2010-1276 (Multiple cross-site scripting (XSS) vulnerabilities in BBSXP 2008 SP2 ...)
 	NOT-FOR-US: BBSXP
 CVE-2010-1275 (Cross-site scripting (XSS) vulnerability in ShowPost.asp in BBSXP 2008 ...)
@@ -1726,7 +1729,7 @@
 	[lenny] - amsn <no-dsa> (Minor issue)
 	NOTE: http://www.juniper.net/security/auto/vulnerabilities/vuln35507.html
 CVE-2010-0743 (Multiple format string vulnerabilities in isns.c in (1) Linux SCSI ...)
-	- iscsitarget <unfixed> (medium; bug #574935)
+	- iscsitarget 1:1.0.3-2 (medium; bug #574935)
 	- tgt 1:1.0.3-2 (medium; bug #576086) 
 CVE-2010-0742
 	RESERVED




More information about the Secure-testing-commits mailing list