Author: nion
Date: 2009-04-17 10:12:38 +0000 (Fri, 17 Apr 2009)
New Revision: 11641
Modified:
data/CVE/list
Log:
CVE-2009-12{14, 15} fixed in screen 4.0.3-13
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-04-17 09:14:16 UTC (rev 11640)
+++ data/CVE/list 2009-04-17 10:12:38 UTC (rev 11641)
@@ -521,12 +521,12 @@
CVE-2008-6573 (Multiple SQL injection vulnerabilities in Avaya SIP Enablement
...)
NOT-FOR-US: Avaya Communication Manager
CVE-2009-1215 (Race condition in GNU screen 4.0.3 allows local users to create
or ...)
- - screen <unfixed> (bug #521123)
+ - screen 4.0.3-13 (low; bug #521123)
[etch] - screen <not-affected> (etch version predates #433338)
[lenny] - screen <no-dsa> (Minor issue)
TODO: add after r2 4.0.3-11+lenny1
CVE-2009-1214 (GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file
with ...)
- - screen <unfixed> (unimportant; bug #521123)
+ - screen 4.0.3-13 (unimportant; bug #521123)
NOTE: documented behaviour "or the public accessible
screen-exchange", see man screen
CVE-2009-1213 (Cross-site request forgery (CSRF) vulnerability in
attachment.cgi in ...)
- bugzilla <unfixed> (low)