[Secure-testing-commits] r16167 - data/CVE
Nico Golde
nion at alioth.debian.org
Wed Feb 16 13:50:47 UTC 2011
Author: nion
Date: 2011-02-16 13:50:32 +0000 (Wed, 16 Feb 2011)
New Revision: 16167
Modified:
data/CVE/list
Log:
update on feh issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-02-16 13:35:26 UTC (rev 16166)
+++ data/CVE/list 2011-02-16 13:50:32 UTC (rev 16167)
@@ -6,6 +6,8 @@
- feh <unfixed> (low)
[lenny] - feh <no-dsa> (Minor issue)
[squeeze] - feh <no-dsa> (Minor issue)
+ NOTE: in 1.11.2-1 --no-clobber was added to the wget call in order
+ NOTE: to prevent overwriting files. can still be create thoug. questionable fix
CVE-2011-1030 (Cross-site scripting (XSS) vulnerability in the Wikis component in IBM ...)
TODO: check
CVE-2011-1029 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
More information about the Secure-testing-commits
mailing list