[Secure-testing-commits] r15596 - data/CVE
Steffen Joeris
white at alioth.debian.org
Wed Nov 17 08:55:26 UTC 2010
Author: white
Date: 2010-11-17 08:55:25 +0000 (Wed, 17 Nov 2010)
New Revision: 15596
Modified:
data/CVE/list
Log:
mahara not vulnerable in any suite at the moment, just keep an eye out that 1.3.3 or higher is uploaded next to sid
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-11-17 08:33:41 UTC (rev 15595)
+++ data/CVE/list 2010-11-17 08:55:25 UTC (rev 15596)
@@ -829,6 +829,8 @@
RESERVED
CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
- mahara <unfixed> (low; bug #603749)
+ [lenny] - mahara <not-affected> (Vulnerable file not included)
+ TODO: File was introduced after 1.2.6, so check that next sid version is at least 1.3.3 or higher
CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...)
- php5 <unfixed> (bug #603751)
CVE-2010-3869
More information about the Secure-testing-commits
mailing list