[Secure-testing-commits] r18217 - data/CVE
Yves-Alexis Perez
corsac at alioth.debian.org
Thu Jan 19 12:58:19 UTC 2012
Author: corsac
Date: 2012-01-19 12:58:19 +0000 (Thu, 19 Jan 2012)
New Revision: 18217
Modified:
data/CVE/list
Log:
mark CVE-2010-1104 and CVE-2011-4924 as affecting zope2 and zope3
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-01-19 11:37:03 UTC (rev 18216)
+++ data/CVE/list 2012-01-19 12:58:19 UTC (rev 18217)
@@ -1355,7 +1355,13 @@
CVE-2011-4925 (Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource ...)
- torque <not-affected> (The version in Debian doesn't yet have MUNGE support)
CVE-2011-4924
- RESERVED
+ - zope3 <removed> (low)
+ - zope2.10 <removed> (low)
+ [lenny] - zope2.10 <no-dsa> (Minor issue)
+ [lenny] - zope3 <no-dsa> (Minor issue)
+ - zope2.11 <removed>
+ - zope2.9 <removed>
+ NOTE: http://openwall.com/lists/oss-security/2012/01/19/16
CVE-2011-4923 [backuppc xss issue]
RESERVED
- backuppc 3.2.1-2 (bug #646865)
@@ -28743,7 +28749,10 @@
NOT-FOR-US: Moa Gallery
CVE-2010-1104 (Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, ...)
- zope2.10 <removed> (low)
+ - zope3 <removed> (low)
+ - zope2.10 <removed> (low)
[lenny] - zope2.10 <no-dsa> (Minor issue)
+ [lenny] - zope3 <no-dsa> (Minor issue)
- zope2.11 <removed>
- zope2.9 <removed>
NOTE: https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
More information about the Secure-testing-commits
mailing list