thijs at alioth.debian.org
2008-Jun-06 04:51 UTC
[Secure-testing-commits] r8994 - data/CVE
Author: thijs
Date: 2008-06-06 04:51:56 +0000 (Fri, 06 Jun 2008)
New Revision: 8994
Modified:
data/CVE/list
Log:
roundup issue not applicable to < 1.4, but we have 1.4.4
issue is reported after the last item in the changelog, and no
other evidence of fixedness, so marking unfixed
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-06-05 09:49:30 UTC (rev 8993)
+++ data/CVE/list 2008-06-06 04:51:56 UTC (rev 8994)
@@ -2314,7 +2314,8 @@
CVE-2008-1477 (Multiple cross-site scripting (XSS) vulnerabilities in busca.php
in ...)
NOT-FOR-US: eForum
CVE-2008-1475 (The xml-rpc server in Roundup 1.4.4 does not check property ...)
- - roundup <not-affected> (xml-rpc code introduced in 1.4.0)
+ - roundup <unfixed> (bug #484728)
+ [etch] - roundup <not-affected> (xml-rpc code introduced in 1.4.0)
CVE-2008-1474 (Multiple unspecified vulnerabilities in Roundup before 1.4.4
have ...)
{DSA-1554-1}
- roundup 1.3.3-3.1 (low; bug #472643)