[Secure-testing-commits] r23258 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Fri Aug 9 07:04:24 UTC 2013 

Author: carnil
Date: 2013-08-09 07:04:24 +0000 (Fri, 09 Aug 2013)
New Revision: 23258

Modified:
   data/CVE/list
Log:
gwt removed from unstable, see #718911

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-08-08 20:10:23 UTC (rev 23257)
+++ data/CVE/list	2013-08-09 07:04:24 UTC (rev 23258)
@@ -1937,7 +1937,7 @@
 	- linux-2.6 <not-affected> (Introduced in 3.8)
 CVE-2013-4204 [Google Web Toolkit XSS]
 	RESERVED
-	- gwt <unfixed> (low)
+	- gwt <removed> (low)
 	[squeeze] - gwt <no-dsa> (Minor issue)
 	NOTE: http://www.gwtproject.org/release-notes.html#Release_Notes_2_5_1_RC1
 CVE-2013-4203 [Rgpg Ruby Gem Remote Command Injection]
@@ -14564,7 +14564,7 @@
 CVE-2012-5921
 	RESERVED
 CVE-2012-5920 (Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) ...)
-	- gwt <unfixed> (bug #691900)
+	- gwt <removed> (bug #691900)
 	[squeeze] - gwt <not-affected> (Vulnerable code not present)
 CVE-2012-5919 (Multiple cross-site scripting (XSS) vulnerabilities in Havalite 1.0.4 ...)
 	NOT-FOR-US: havalite
@@ -18368,7 +18368,7 @@
 	- tiff3 <not-affected> (The tiff-tools package is only built from the tiff source package)
 	- tiff 4.0.2-5 (bug #692345)
 CVE-2012-4563 (Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) ...)
-	- gwt <unfixed> (bug #691900)
+	- gwt <removed> (bug #691900)
 	[squeeze] - gwt <not-affected> (Vulnerable code not present)
 CVE-2012-4562 (Multiple integer overflows in libssh before 0.5.3 allow remote ...)
 	{DSA-2577-1}
@@ -99581,7 +99581,7 @@
 	NOTE: the paper in this reference is a guideline on how to avoid writing unsafe jquery applications.  there really isn't anything to fix in the library itself.
 	NOTE: https://www.fortify.com/vulncat/en/vulncat/javascript/javascript_hijacking_ad_hoc_ajax.html
 CVE-2007-2378 (The Google Web Toolkit (GWT) framework exchanges data using JavaScript ...)
-	- gwt <unfixed> (unimportant; bug #563542)
+	- gwt <removed> (unimportant; bug #563542)
 	NOTE: javascript security guidelines provided to developers to avoid these issues
 	NOTE: http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications
 CVE-2007-2377 (The Getahead Direct Web Remoting (DWR) framework 1.1.4 exchanges data ...)

More information about the Secure-testing-commits mailing list