[Secure-testing-commits] r40979 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Apr 18 19:09:40 UTC 2016
Author: carnil
Date: 2016-04-18 19:09:40 +0000 (Mon, 18 Apr 2016)
New Revision: 40979
Modified:
data/CVE/list
Log:
Cleanup trailing whitespaces
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-18 19:09:31 UTC (rev 40978)
+++ data/CVE/list 2016-04-18 19:09:40 UTC (rev 40979)
@@ -117047,7 +117047,7 @@
{DSA-2130-1}
- bind9 1:9.7.2.dfsg.P2-1 (bug #599515)
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
- NOTE: ACL bypass claimed to only affect >=9.7.2: https://kb.isc.org/article/AA-00935/0/CVE-2010-3762%3A-failure-to-handle-bad-signatures-if-multiple-trust-anchors-configured.html
+ NOTE: ACL bypass claimed to only affect >=9.7.2: https://kb.isc.org/article/AA-00935/0/CVE-2010-3762%3A-failure-to-handle-bad-signatures-if-multiple-trust-anchors-configured.html
NOTE: The crash with multiple trust anchors affects 9.6 and is fixed in 9.6-ESV-R2.
CVE-2010-3761 (Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack ...)
NOT-FOR-US: IBM Tivoli Storage Manager
@@ -169053,7 +169053,7 @@
- jifty 0.91117-1 (low; bug #557748)
- webgui <not-affected> (uses system libjs-yui)
- loggerhead <not-affected> (uses system libjs-yui)
- NOTE: see https://web.archive.org/web/20071105202514/http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
+ NOTE: see https://web.archive.org/web/20071105202514/http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
NOTE: This allows to steal data from affected websites. Therefore web applications should
NOTE: only be considered vunerabile if they process confidential data.
NOTE: The frameworks should be fixed in any case.
@@ -169140,7 +169140,7 @@
CVE-2007-2378 (The Google Web Toolkit (GWT) framework exchanges data using JavaScript ...)
- gwt <removed> (unimportant; bug #563542)
NOTE: javascript security guidelines provided to developers to avoid these issues
- NOTE: https://developers.google.com/web-toolkit/articles/security_for_gwt_applications
+ NOTE: https://developers.google.com/web-toolkit/articles/security_for_gwt_applications
CVE-2007-2377 (The Getahead Direct Web Remoting (DWR) framework 1.1.4 exchanges data ...)
NOT-FOR-US: Getahead Direct Web Remoting
CVE-2007-2376 (The Dojo framework exchanges data using JavaScript Object Notation ...)
@@ -212595,7 +212595,7 @@
- balsa 2.0.10
- mutt 1.4.0
CVE-2003-0166 (Integer signedness error in emalloc() function for PHP before 4.3.2 ...)
- - php4 <not-affected> (Non-issue; see http://marc.theaimsgroup.com/?l=bugtraq&m=104931415307111&w=2)
+ - php4 <not-affected> (Non-issue; see http://marc.theaimsgroup.com/?l=bugtraq&m=104931415307111&w=2)
CVE-2003-0165 (Format string vulnerability in Eye Of Gnome (EOG) allows attackers to ...)
- eog 2.2.1
CVE-2003-0164
More information about the Secure-testing-commits
mailing list