[Secure-testing-commits] r15598 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Wed Nov 17 20:19:47 UTC 2010
Author: jmm-guest
Date: 2010-11-17 20:19:45 +0000 (Wed, 17 Nov 2010)
New Revision: 15598
Modified:
data/CVE/list
Log:
- yaws issue windows-specific
- mahara not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-11-17 08:59:32 UTC (rev 15597)
+++ data/CVE/list 2010-11-17 20:19:45 UTC (rev 15598)
@@ -115,7 +115,7 @@
CVE-2010-4182 (Untrusted search path vulnerability in the Data Access Objects (DAO) ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote attackers ...)
- - yaws <unfixed> (bug #603748)
+ - yaws <not-affected> (Only affects Windows)
CVE-2010-4180
RESERVED
CVE-2010-4179
@@ -828,8 +828,7 @@
CVE-2010-3872
RESERVED
CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
- - mahara <unfixed> (low; bug #603749)
- [lenny] - mahara <not-affected> (Vulnerable file not included)
+ - mahara <not-affected> (Vulnerable feature introduced in 1.3)
TODO: File was introduced after 1.2.6, so check that next sid version is at least 1.3.3 or higher
CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...)
- php5 <unfixed> (bug #603751)
More information about the Secure-testing-commits
mailing list