jmm-guest at alioth.debian.org
2009-Apr-01 20:30 UTC
[Secure-testing-commits] r11526 - data/CVE
Author: jmm-guest
Date: 2009-04-01 20:30:44 +0000 (Wed, 01 Apr 2009)
New Revision: 11526
Modified:
data/CVE/list
Log:
- webkit no-dsa
- fix typos
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-04-01 20:26:16 UTC (rev 11525)
+++ data/CVE/list 2009-04-01 20:30:44 UTC (rev 11526)
@@ -60,12 +60,12 @@
- phpmyadmin 4:3.1.3.1-1
CVE-2009-1149 (CRLF injection vulnerability in bs_disp_as_mime_type.php in the
BLOB ...)
- phpmyadmin 4:3.1.3.1-1
- [etch] - phpmyadmn <not-affected> (Vulnerable code not present)
- [lenny] - phpmyadmn <not-affected> (Vulnerable code not present)
+ [etch] - phpmyadmin <not-affected> (Vulnerable code not present)
+ [lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2009-1148 (Directory traversal vulnerability in bs_disp_as_mime_type.php in
the ...)
- phpmyadmin 4:3.1.3.1-1
- [etch] - phpmyadmn <not-affected> (Vulnerable code not present)
- [lenny] - phpmyadmn <not-affected> (Vulnerable code not present)
+ [etch] - phpmyadmin <not-affected> (Vulnerable code not present)
+ [lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2009-1147
RESERVED
CVE-2009-1146
@@ -6911,7 +6911,8 @@
NOT-FOR-US: Opera
CVE-2008-4724 (Multiple cross-site scripting (XSS) vulnerabilities in Google
Chrome ...)
{CVE-2008-4723}
- - webkit <unfixed> (medium; bug #520052)
+ - webkit <unfixed> (low; bug #520052)
+ [lenny] - webkit <no-dsa> (Minor issue)
NOTE: webkit properly handles this issue with respect to extensions such as
jpg and txt, but not in general; for example, the attack works for odp, xls, etc
extensions (only tested with midori 0.1.4)
NOTE: not reproducible using iceweasel 3.0.1
CVE-2008-4723 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla
Firefox ...)