[Secure-testing-commits] r17197 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Sep 9 05:43:02 UTC 2011
Author: jmm
Date: 2011-09-09 05:43:01 +0000 (Fri, 09 Sep 2011)
New Revision: 17197
Modified:
data/CVE/list
Log:
new tomcat issue
fcgi::perl issue doesn't affect oldstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-09-08 22:14:01 UTC (rev 17196)
+++ data/CVE/list 2011-09-09 05:43:01 UTC (rev 17197)
@@ -471,7 +471,9 @@
{DSA-2303-1}
- linux-2.6 <unfixed>
CVE-2011-3190 (Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 ...)
- TODO: check
+ - tomcat6 <unfixed>
+ - tomcat7 7.0.21-1
+ - tomcat5.5 <removed>
CVE-2011-3189 (The crypt function in PHP 5.3.7, when the MD5 hash type is used, ...)
- php5 5.3.8-1
[squeeze] - php5 <not-affected> (Introduced in 5.3.7)
@@ -1590,6 +1592,7 @@
CVE-2011-2766
RESERVED
- libfcgi-perl <unfixed> (bug #607479)
+ [lenny] - libfcgi-perl <not-affected> (Introduced in 0.70)
CVE-2011-2765 [pyro: insecure use of temporary pid file]
RESERVED
- pyro 1:3.14-1 (low; bug #631912)
More information about the Secure-testing-commits
mailing list