[Secure-testing-commits] r14000 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Tue Feb 2 18:32:25 UTC 2010
Author: jmm-guest
Date: 2010-02-02 18:32:25 +0000 (Tue, 02 Feb 2010)
New Revision: 14000
Modified:
data/CVE/list
Log:
bugzilla issue doesn't affect Debian
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-02-02 18:19:56 UTC (rev 13999)
+++ data/CVE/list 2010-02-02 18:32:25 UTC (rev 14000)
@@ -4488,11 +4488,10 @@
- liboggplay <unfixed>
- xulrunner 1.9.1.6-1
[lenny] - xulrunner <not-affected> (Video playback capabilities were added in 3.5)
-CVE-2009-3387 [bugzilla possible information leak]
+CVE-2009-3387 [bugzilla information leak when moving a bug between products]
RESERVED
- - bugzilla <undetermined> (low)
- NOTE: probably unimportant
- TODO: check
+ - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
+ TODO: Check when a current Bugzilla is uploaded
CVE-2009-3386 (Template.pm in Bugzilla 3.3.2 through 3.4.3 and 3.5 through 3.5.1 ...)
- bugzilla <not-affected> (Only 3.3 onwards are affected)
TODO: recheck, once a more recent (3.3.x or 3.4.x) version has been uploaded
More information about the Secure-testing-commits
mailing list