[Secure-testing-commits] r14102 - data/CVE
Florian Weimer
fw at alioth.debian.org
Mon Feb 15 20:58:58 UTC 2010
Author: fw
Date: 2010-02-15 20:58:50 +0000 (Mon, 15 Feb 2010)
New Revision: 14102
Modified:
data/CVE/list
Log:
CouchDB design problem
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-02-14 21:15:27 UTC (rev 14101)
+++ data/CVE/list 2010-02-15 20:58:50 UTC (rev 14102)
@@ -1,3 +1,8 @@
+CVE-2010-XXXX [CouchDB: browser interface has XSS, CSRF issues]
+ - couchdb <unfixed> (bug #570013)
+ [lenny] - couchdb <no-dsa> (does not support authentication at all)
+ NOTE: http://mail-archives.apache.org/mod_mbox/couchdb-dev/201002.mbox/%3C87bpfz5t39.fsf@mid.deneb.enyo.de%3E
+ NOTE: http://www.openwall.com/lists/oss-security/2010/02/15/5
CVE-2010-0637
TODO: check, webcalendar is in the archive
CVE-2010-0636
More information about the Secure-testing-commits
mailing list