[Secure-testing-commits] r14316 - data/CVE

Mon Mar 22 22:56:11 UTC 2010

Author: jmm-guest
Date: 2010-03-22 22:56:11 +0000 (Mon, 22 Mar 2010)
New Revision: 14316

Modified:
   data/CVE/list
Log:
gnudip CVEfied


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2010-03-22 12:11:22 UTC (rev 14315)
+++ data/CVE/list	2010-03-22 22:56:11 UTC (rev 14316)
@@ -69,7 +69,7 @@
 CVE-2009-4721 (Multiple SQL injection vulnerabilities in Admin/index.asp in ...)
 	NOT-FOR-US: Andrews-Web BannerAd
 CVE-2009-4720 (SQL injection vulnerability in cgi-bin/gnudip.cgi in GnuDIP 2.1.1 ...)
-	- gnudip <removed>
+	- gnudip <removed> (medium; bug #539452)
 CVE-2009-4719 (SQL injection vulnerability in index.php in Discloser 0.0.4 rc2 allows ...)
 	NOT-FOR-US: Discloser
 CVE-2010-XXXX [dojo can be used as a redirector]
@@ -8733,9 +8733,6 @@
 CVE-2009-XXXX [apache2: only first 8 characters used to validate password]
 	- apache2 <unfixed> (unimportant; bug #539246)
 	NOTE: Standard behaviour of crypt, enhancement bug for stronger method
-CVE-2009-XXXX [gnudips: remote privilege escalation]
-	- gnudip <removed> (medium; bug #539452)
-	TODO: request CVE id
 CVE-2009-XXXX [xscreensaver: local screen lock bypassable via low resolution video devices]
 	- xscreensaver 5.05-3+nmu1 (low; bug #539699)
 	TODO: request CVE id


