jmm-guest at alioth.debian.org
2008-Oct-07 21:29 UTC
[Secure-testing-commits] r10037 - data/CVE
Author: jmm-guest Date: 2008-10-07 21:29:14 +0000 (Tue, 07 Oct 2008) New Revision: 10037 Modified: data/CVE/list Log: amarok dupe rejected (and the issue is still bogus...) Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-07 21:25:52 UTC (rev 10036) +++ data/CVE/list 2008-10-07 21:29:14 UTC (rev 10037) @@ -76,11 +76,8 @@ NOT-FOR-US: RMSOFT MiniShop (xoops) CVE-2008-4431 (SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and ...) NOT-FOR-US: IceBB -CVE-2008-4430 (The MagnatuneBrowser::listDownloadComplete function in ...) - - amarok 1.4.10-1 (unimportant; bug #494765) - NOTE: The code in question doesn''t dereference the symlink, tested with Etch - NOTE: and Lenny. Given that it only takes a minute to test this, it''s surprising - NOTE: that at least one vendor issued an advisory and upstream pushed a new release... +CVE-2008-4430 + REJECTED CVE-2008-4429 (Unspecified vulnerability in SOURCENEXT Virus Security ZERO 9.5.0173 ...) NOT-FOR-US: SOURCENEXT Virus Security ZERO CVE-2008-4428 (Unrestricted file upload vulnerability in upload.php in Phlatline''s ...)