[Secure-testing-commits] r14355 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Tue Mar 30 07:37:44 UTC 2010
Author: derevko-guest
Date: 2010-03-30 07:37:43 +0000 (Tue, 30 Mar 2010)
New Revision: 14355
Modified:
data/CVE/list
Log:
CVE-2009-4609 and CVE-2009-4610: jetty in Debian is not affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-03-29 21:22:32 UTC (rev 14354)
+++ data/CVE/list 2010-03-30 07:37:43 UTC (rev 14355)
@@ -2394,9 +2394,11 @@
CVE-2009-4611 (Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing ...)
- jetty 6.1.22-1
CVE-2009-4610 (Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty ...)
- - jetty <unfixed> (low; bug #575790)
+ - jetty <not-affected> (low; bug #575790)
+ NOTE: the exploitable servlet is not shipped in Debian packages
CVE-2009-4609 (The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote ...)
- - jetty <unfixed> (low; bug #575791)
+ - jetty <not-affected> (low; bug #575791)
+ NOTE: the exploitable servlet is not shipped in Debian packages
CVE-2010-0309 (The pit_ioport_read function in the Programmable Interval Timer (PIT) ...)
{DSA-2010-1 DSA-1996-1}
- linux-2.6 2.6.32-8
More information about the Secure-testing-commits
mailing list