[Secure-testing-commits] r21251 - data/CVE

Thijs Kinkhorst thijs at alioth.debian.org
Tue Feb 12 12:29:50 UTC 2013


Author: thijs
Date: 2013-02-12 12:29:50 +0000 (Tue, 12 Feb 2013)
New Revision: 21251

Modified:
   data/CVE/list
Log:
crime: add lighttpd; apache was already fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-02-12 11:41:24 UTC (rev 21250)
+++ data/CVE/list	2013-02-12 12:29:50 UTC (rev 21251)
@@ -7648,9 +7648,10 @@
 	- iceweasel <not-affected> (Firefox ESV not use TLS/SSL compression)
 	- chromium-browser 22.0.1229.94~r161065-1
 	- qt4-x11 4:4.8.2+dfsg-3
+	- apache2 2.2.22-12 (bug #689936)
+	- lighttpd 1.4.31-1 (bug #700399)
 	[squeeze] - qt4-x11 <no-dsa> (Minor issue)
 	NOTE: Chromium fix: https://chromiumcodereview.appspot.com/10825183/
-	TODO: check openssl
 CVE-2012-4928 (Cross-site scripting (XSS) vulnerability in ow_updates/index.php in ...)
 	NOT-FOR-US: Oxwall 1.1.1
 CVE-2012-4927 (SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before ...)




More information about the Secure-testing-commits mailing list