thijs at alioth.debian.org
2008-Dec-01 14:58 UTC
[Secure-testing-commits] r10563 - data/CVE
Author: thijs
Date: 2008-12-01 14:58:39 +0000 (Mon, 01 Dec 2008)
New Revision: 10563
Modified:
data/CVE/list
Log:
ids assigned
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-11-30 21:14:11 UTC (rev 10562)
+++ data/CVE/list 2008-12-01 14:58:39 UTC (rev 10563)
@@ -9,9 +9,8 @@
- php5 (low; bug #507101)
CVE-2008-5278 [Cross-site scripting (XSS) vulnerability in the RSS Feed
Generator]
- wordpress 2.5.1-11 (low; bug #507193)
-CVE-2008-XXXX [cups: integer overflow due to incomplete fix for CVE-2008-1722]
+CVE-2008-5286 [cups: integer overflow due to incomplete fix for CVE-2008-1722]
- cups <unfixed> (bug #507183)
- NOTE: CVE id requested
CVE-2008-XXXX [geda-gnetlist: sch2eaglepos.sh has insecure temp file handling ]
- geda-gnetlist <unfixed> (bug #506625; unimportant)
NOTE: sch2eaglepos.sh only used as example script
@@ -293,7 +292,7 @@
CVE-2008-5183 (cupsd in CUPS before 1.3.8 allows local users, and possibly
remote ...)
- cups <unfixed> (bug #506180)
[etch] - cupsys <not-affected> (RSS subscription code not yet present)
-CVE-2008-XXXX [no-ip DUC remote code execution]
+CVE-2008-5297 [no-ip DUC remote code execution]
- no-ip 2.1.7-11 (bug #506179)
CVE-2008-5132 (SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT
...)
NOT-FOR-US: MemHT Portal
@@ -2075,7 +2074,6 @@
{DSA-1645-1}
- lighttpd 1.4.19-5 (low)
NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt
- NOTE: CVE id requested
CVE-2008-4359 (lighttpd before 1.4.20 compares URIs to patterns in the (1) ...)
{DSA-1645-1}
- lighttpd 1.4.19-5 (low)