[Secure-testing-commits] r16137 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Mon Feb 14 01:57:44 UTC 2011
Author: geissert
Date: 2011-02-14 01:57:43 +0000 (Mon, 14 Feb 2011)
New Revision: 16137
Modified:
data/CVE/list
Log:
two, minor, python issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-02-14 01:45:26 UTC (rev 16136)
+++ data/CVE/list 2011-02-14 01:57:43 UTC (rev 16137)
@@ -1,3 +1,8 @@
+CVE-2008-XXXX [path traversal in SimpleHTTPServer]
+ - python2.5 <unfixed>
+ - python2.4 <removed>
+ NOTE: looks like it is fixed since 2.6 and 3.0
+ NOTE: http://bugs.python.org/issue2254
CVE-2010-XXXX [kfreebsd dos]
- kfreebsd-8 <undetermined> (bug #613312)
- kfreebsd-7 <undetermined> (bug #613312)
@@ -672,8 +677,15 @@
RESERVED
CVE-2011-0706
RESERVED
-CVE-2011-0705
+CVE-2011-0705 [path traversal in SimpleHTTPServer]
RESERVED
+ - python3.2 <unfixed>
+ - python3.1 <unfixed>
+ - python2.7 <unfixed>
+ - python2.6 <unfixed>
+ - python2.5 <unfixed>
+ - python2.4 <removed>
+ NOTE: http://bugs.python.org/issue11197
CVE-2011-0704
RESERVED
CVE-2011-0703
@@ -1814,6 +1826,7 @@
RESERVED
- patch <unfixed> (unimportant)
NOTE: Applying a patch blindly opens more severe security issues than only directory traversal...
+ NOTE: openwall ships a fix
CVE-2010-4650
RESERVED
- linux-2.6 2.6.32-30
More information about the Secure-testing-commits
mailing list