[Secure-testing-commits] r15184 - data/CVE

Florian Weimer fw at alioth.debian.org
Sun Aug 22 16:50:10 UTC 2010


Author: fw
Date: 2010-08-22 16:50:09 +0000 (Sun, 22 Aug 2010)
New Revision: 15184

Modified:
   data/CVE/list
Log:
CVE-2010-2234: couchdb CVEified


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-08-22 15:57:33 UTC (rev 15183)
+++ data/CVE/list	2010-08-22 16:50:09 UTC (rev 15184)
@@ -2080,8 +2080,6 @@
 	RESERVED
 CVE-2010-2235
 	RESERVED
-CVE-2010-2234 (Cross-site request forgery (CSRF) vulnerability in Apache CouchDB ...)
-	TODO: check
 CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used ...)
 	- tiff 3.9.1-1
 	[lenny] - tiff <not-affected> (Only affects 3.9.x)
@@ -6749,11 +6747,9 @@
 CVE-2010-0628 (The spnego_gss_accept_sec_context function in ...)
 	- krb5 1.8+dfsg-1.1 (bug #575740)
 	[lenny] - krb5 <not-affected> (Only affects 1.7/1.8)
-CVE-2010-XXXX [CouchDB: browser interface has XSS, CSRF issues]
+CVE-2010-2234 [CouchDB: browser interface has XSS, CSRF issues]
 	- couchdb <unfixed> (bug #570013)
 	[lenny] - couchdb <no-dsa> (does not support authentication at all)
-	NOTE: http://mail-archives.apache.org/mod_mbox/couchdb-dev/201002.mbox/%3C87bpfz5t39.fsf@mid.deneb.enyo.de%3E
-	NOTE: http://www.openwall.com/lists/oss-security/2010/02/15/5
 CVE-2010-0637 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
 	- webcalendar <undetermined> (bug #572557)
 CVE-2010-0636 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar ...)




More information about the Secure-testing-commits mailing list