[Secure-testing-commits] r18217 - data/CVE

Yves-Alexis Perez corsac at alioth.debian.org
Thu Jan 19 12:58:19 UTC 2012


Author: corsac
Date: 2012-01-19 12:58:19 +0000 (Thu, 19 Jan 2012)
New Revision: 18217

Modified:
   data/CVE/list
Log:
mark CVE-2010-1104 and CVE-2011-4924 as affecting zope2 and zope3


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-19 11:37:03 UTC (rev 18216)
+++ data/CVE/list	2012-01-19 12:58:19 UTC (rev 18217)
@@ -1355,7 +1355,13 @@
 CVE-2011-4925 (Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource ...)
 	- torque <not-affected> (The version in Debian doesn't yet have MUNGE support)
 CVE-2011-4924
-	RESERVED
+	- zope3 <removed> (low)
+	- zope2.10 <removed> (low)
+	[lenny] - zope2.10 <no-dsa> (Minor issue)
+	[lenny] - zope3 <no-dsa> (Minor issue)
+	- zope2.11 <removed>
+	- zope2.9 <removed>
+	NOTE: http://openwall.com/lists/oss-security/2012/01/19/16
 CVE-2011-4923 [backuppc xss issue]
 	RESERVED
 	- backuppc 3.2.1-2 (bug #646865)
@@ -28743,7 +28749,10 @@
 	NOT-FOR-US: Moa Gallery
 CVE-2010-1104 (Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, ...)
 	- zope2.10 <removed> (low)
+	- zope3 <removed> (low)
+	- zope2.10 <removed> (low)
 	[lenny] - zope2.10 <no-dsa> (Minor issue)
+	[lenny] - zope3 <no-dsa> (Minor issue)
 	- zope2.11 <removed>
 	- zope2.9 <removed>
 	NOTE: https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html




More information about the Secure-testing-commits mailing list