stef-guest at alioth.debian.org
2008-Jun-11 17:28 UTC
[Secure-testing-commits] r9037 - data/CVE
Author: stef-guest Date: 2008-06-11 17:28:30 +0000 (Wed, 11 Jun 2008) New Revision: 9037 Modified: data/CVE/list Log: fixed or to-be-fixed apache2 issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-06-11 17:05:54 UTC (rev 9036) +++ data/CVE/list 2008-06-11 17:28:30 UTC (rev 9037) @@ -403,8 +403,10 @@ RESERVED CVE-2008-2365 RESERVED -CVE-2008-2364 +CVE-2008-2364 [apache2 mod_proxy_http DoS] RESERVED + - apache2 2.2.9-1 (low) + TODO: check apache 1.3 CVE-2008-2363 (The PartsBatch class in Pan 0.132 and earlier does not properly manage ...) - pan 0.132-3.1 (bug #483562) [etch] - pan <not-affected> (Vulnerable code not added until 0.130) @@ -6462,7 +6464,7 @@ [sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2) [etch] - apache2 2.2.3-4+etch4 (low) CVE-2007-6420 (Cross-site request forgery (CSRF) vulnerability in the ...) - - apache2 <unfixed> (low) + - apache2 2.2.9-1 (low) [etch] - apache2 <no-dsa> (minor issue) [sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2) CVE-2007-6419 (Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, ...) @@ -18686,9 +18688,9 @@ CVE-2007-1743 (suexec in Apache HTTP Server (httpd) 2.2.3 does not verify ...) - apache2 <unfixed> (unimportant) CVE-2007-1742 (suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison ...) - - apache2 <unfixed> (unimportant) + - apache2 2.2.8-5 (unimportant) CVE-2007-1741 (Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 ...) - - apache2 <unfixed> (unimportant) + - apache2 2.2.8-5 (unimportant) CVE-2007-1740 REJECTED CVE-2007-1739 (Heap-based buffer overflow in the LDAP server in IBM Lotus Domino ...)