[Git][security-tracker-team/security-tracker][master] Update information for old CVE-2008-0455/apache2
Salvatore Bonaccorso
carnil at debian.org
Thu Jul 23 10:19:41 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2c8a2248 by Salvatore Bonaccorso at 2020-07-23T11:18:10+02:00
Update information for old CVE-2008-0455/apache2
It appears from [1] that CVE-2012-2687 was as well known under
(duplicate) CVE-2008-0455. CVE-2012-2687 was fixed witn the 2.2.22-8
upload, so sync the two entries with the fixed version.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -378206,9 +378206,10 @@ CVE-2008-0456 (CRLF injection vulnerability in the mod_negotiation module in the
NOTE: but not with arbitrary contents.
CVE-2008-0455 (Cross-site scripting (XSS) vulnerability in the mod_negotiation module ...)
- apache <removed> (unimportant)
- - apache2 <unfixed> (unimportant)
+ - apache2 2.2.22-8 (unimportant)
NOTE: This is only relevant if an attacker can upload files with arbitrary names
NOTE: but not with arbitrary contents.
+ NOTE: https://httpd.apache.org/security/vulnerabilities_22.html#CVE-2012-2687
CVE-2008-0454 (Cross-zone scripting vulnerability in the Internet Explorer web contro ...)
NOT-FOR-US: Skype
CVE-2008-0453 (SQL injection vulnerability in list.php in Easysitenetwork Recipe allo ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c8a2248de68743aa9dd09c99f7726f26174bf58
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c8a2248de68743aa9dd09c99f7726f26174bf58
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200723/c1dd2534/attachment.html>
More information about the debian-security-tracker-commits
mailing list