nion at alioth.debian.org
2008-Oct-06 12:11 UTC
[Secure-testing-commits] r10008 - data/CVE
Author: nion
Date: 2008-10-06 12:11:51 +0000 (Mon, 06 Oct 2008)
New Revision: 10008
Modified:
data/CVE/list
Log:
CVE-2008-4407 fixed in sabre 0.2.4b-25
CVE-2008-4182 fixed in turba2 2.2.1-2/imp4 4.2-3
CVE-2008-2370 fixed in tomcat5.5 5.5.26-4
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-10-06 11:45:37 UTC (rev 10007)
+++ data/CVE/list 2008-10-06 12:11:51 UTC (rev 10008)
@@ -153,7 +153,7 @@
- gdrae 0.1-1.1 (low; bug #496378)
[etch] - gdrae <no-dsa> (Minor issue)
CVE-2008-4407 [sabre: insecure temp file]
- - sabre <unfixed> (low; bug #433996)
+ - sabre 0.2.4b-25 (low; bug #433996)
[etch] - sabre <no-dsa> (Game not qualified as multi-user system, thus
minor issue)
CVE-2008-4366 (Unrestricted file upload vulnerability in the image upload
component ...)
NOT-FOR-US: Camera Life
@@ -556,8 +556,8 @@
CVE-2008-4183 (IntegraMOD 1.4.x stores sensitive information under the web root
with ...)
NOT-FOR-US: IntegraMOD
CVE-2008-4182 (Cross-site scripting (XSS) vulnerability in imp/test.php in
Horde ...)
- - turba2 <unfixed> (bug #500114; low)
- - imp4 <unfixed> (bug #500553; low)
+ - turba2 2.2.1-2 (bug #500114; low)
+ - imp4 4.2-3 (bug #500553; low)
CVE-2008-4181 (Directory traversal vulnerability in includes/xml.php in the
Netenberg ...)
NOT-FOR-US: Netenberg Fantastico De Luxe module for cPanel
CVE-2008-4180 (Unspecified vulnerability in db.php in NooMS 1.1 allows remote
...)
@@ -4835,7 +4835,7 @@
{DSA-1602-1 DTSA-145-1}
- pcre3 7.6-2.1 (medium; bug #488919)
CVE-2008-2370 (Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and
6.0.0 ...)
- - tomcat5.5 <unfixed> (bug #494504)
+ - tomcat5.5 5.5.26-4 (bug #494504)
- tomcat6 <unfixed> (low)
CVE-2008-2369 (manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has
a ...)
NOT-FOR-US: Red Hat Network Satellite Server