[Secure-testing-commits] r14556 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Sat Apr 24 02:55:02 UTC 2010


Author: gilbert-guest
Date: 2010-04-24 02:55:02 +0000 (Sat, 24 Apr 2010)
New Revision: 14556

Modified:
   data/CVE/list
Log:
vulnerable imlib2 not yet uploaded

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-04-24 01:11:28 UTC (rev 14555)
+++ data/CVE/list	2010-04-24 02:55:02 UTC (rev 14556)
@@ -1311,9 +1311,9 @@
 CVE-2010-0992 (Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse ...)
 	NOT-FOR-US: Pulse CMS Basic
 CVE-2010-0991 (Multiple heap-based buffer overflows in imlib2 1.4.3 allow ...)
-	- imlib2 <undetermined>
+	- imlib2 <not-affected> (vulnerable code introduced in 1.4.3)
 	NOTE: http://seclists.org/bugtraq/2010/Apr/196
-	TODO: check
+	TODO: recheck when 1.4.3 gets uploaded to unstable
 CVE-2010-0990
 	RESERVED
 CVE-2010-0989 (Directory traversal vulnerability in delete.php in Pulse CMS before ...)




More information about the Secure-testing-commits mailing list