joeyh at alioth.debian.org
2009-Feb-25 09:14 UTC
[Secure-testing-commits] r11264 - data/CVE
Author: joeyh Date: 2009-02-25 09:14:17 +0000 (Wed, 25 Feb 2009) New Revision: 11264 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-02-25 07:36:13 UTC (rev 11263) +++ data/CVE/list 2009-02-25 09:14:17 UTC (rev 11264) @@ -1,9 +1,9 @@ CVE-2009-XXXX [thunar: potential exploits via application launchers] - - thunar <unfixed> (bug #517020; low) - NOTE: CVE needs to be requested + - thunar <unfixed> (bug #517020; low) + NOTE: CVE needs to be requested CVE-2009-XXXX [debian-installer: no-root option in expert installer exposes locally exploitable security flaw] - - debian-installer <unfixed> (bug #517018; low) - NOTE: should a CVE be requested for this problem? + - debian-installer <unfixed> (bug #517018; low) + NOTE: should a CVE be requested for this problem? CVE-2009-XXXX [Http double slash request arbitrary file access vulnerability in mldonkey] - mldonkey <unfixed> (bug #516829; medium) NOTE: daemon is run as non-root and can only be exploited via localhost @@ -536,7 +536,7 @@ CVE-2008-6107 (The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, ...) - linux-2.6 <unfixed> (low) - linux-2.6.24 <removed> - NOTE: should this be considered a problem in lenny/squeeze/sid since description says that the problem applies to kernels before 2.6.25.4? + NOTE: should this be considered a problem in lenny/squeeze/sid since description says that the problem applies to kernels before 2.6.25.4? CVE-2008-6106 (Cross-site request forgery (CSRF) vulnerability in IBM Workplace for ...) NOT-FOR-US: IBM Workplace for Business Controls CVE-2008-6105 (Cross-site scripting (XSS) vulnerability in IBM Workplace for Business ...)