[Secure-testing-commits] r14685 - in data: . CVE

Thijs Kinkhorst thijs at alioth.debian.org
Wed May 12 17:08:36 UTC 2010 

Author: thijs
Date: 2010-05-12 17:08:25 +0000 (Wed, 12 May 2010)
New Revision: 14685

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
update serendipity


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-05-12 02:52:48 UTC (rev 14684)
+++ data/CVE/list	2010-05-12 17:08:25 UTC (rev 14685)
@@ -121,7 +121,7 @@
 CVE-2010-1850
 	RESERVED
 CVE-2010-XXXX [serendipity xinha issue]
-	- serendipity <unfixed>
+	- serendipity 1.5.3-1
 	[lenny] - serendipity <not-affected> (Only affects >= 1.4)
 CVE-2010-1849
 	RESERVED
@@ -5449,7 +5449,7 @@
 	{DSA-1978-1}
 	- phpgroupware 1:0.9.16.012+dfsg-9
 CVE-2009-4412 (Unrestricted file upload vulnerability in Serendipity before 1.5 ...)
-	- serendipity <unfixed> (low; bug #562634)
+	- serendipity 1.5.3-1 (low; bug #562634)
 CVE-2009-4411 (The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when ...)
 	- acl 2.2.49-2 (low; bug #499076)
 	[etch] - acl <not-affected> (Vulnerable code not present)
@@ -46326,7 +46326,7 @@
 CVE-2007-2385 (The Yahoo! UI framework exchanges data using JavaScript Object ...)
 	- yui <unfixed> (unimportant; bug #557745)
 	- bcfg2 <not-affected> (present in source but not included in any binary files)
-	- serendipity <unfixed> (low; bug #557746)
+	- serendipity 1.5.3-1 (low; bug #557746)
 	- moodle <not-affected> (uses system libjs-yui)
 	- jifty 0.91117-1 (low; bug #557748)
 	- webgui <not-affected> (uses system libjs-yui)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2010-05-12 02:52:48 UTC (rev 14684)
+++ data/embedded-code-copies	2010-05-12 17:08:25 UTC (rev 14685)
@@ -1072,16 +1072,16 @@
 	[lenny] - iceape <not-affected> (introduced in 2.0)
 
 php-net-dnsbl
-	- serendipity <unfixed> (embed; bug #541740)
+	- serendipity <unfixed> (embed; bug #541740; package in NEW)
 
 php-onyx-rss
-	- serendipity <unfixed> (embed; bug #541740)
+	- serendipity <unfixed> (embed; bug #541740; wontfix: only one script, own package is overkill, appears not to be duplicated in Debian)
 
 php-text-wiki
-	- serendipity <unfixed> (embed; bug #541740)
+	- serendipity <unfixed> (embed; bug #541740; package in NEW)
 
 php-xml-rpc
-	- serendipity <unfixed> (embed; bug #541740)
+	- serendipity <unfixed> (embed; bug #541740; package in NEW)
 
 polarssl (does not have a shared library)
 	- pdkim <itp> (embed; bug #543150)
@@ -1499,7 +1499,7 @@
 
 yui
 	- bcfg2 <not-affected> (present in source but not included in any binary files)
-	- serendipity <unfixed> (embed; bug #557746)
+	- serendipity 1.5.3-1 (embed; bug #557746)
 	- moodle 1.8.2.dfsg-5 (embed)
 	- jifty 0.91117-1 (embed; bug #557748)
 	- webgui 7.7.26-1 (embed)

More information about the Secure-testing-commits mailing list