Secure testing commits - May 2009 - r11827 - data/CVE

Author: derevko-guest
Date: 2009-05-07 08:56:26 +0000 (Thu, 07 May 2009)
New Revision: 11827

Modified:
   data/CVE/list
Log:
NFUs
CVE-2009-1527: new kernel issue
jetty issue is unimportant, only in unstable, only in contrib, fairly
unmaintained


Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-05-07 06:18:52 UTC (rev 11826)
+++ data/CVE/list	2009-05-07 08:56:26 UTC (rev 11827)
@@ -48,21 +48,23 @@
 CVE-2009-1528
 	RESERVED
 CVE-2009-1527 (Race condition in the ptrace_attach function in kernel/ptrace.c
in the ...)
-	TODO: check
+	- linux-2.6 <unfixed>
 CVE-2009-1526 (JBMC Software DirectAdmin before 1.334 allows local users to
create or ...)
-	TODO: check
+	NOT-FOR-US: Directadmin
 CVE-2009-1525 (CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote
...)
-	TODO: check
+	NOT-FOR-US: Directadmin
 CVE-2009-1524 (Cross-site scripting (XSS) vulnerability in Mort Bay Jetty
before ...)
-	TODO: check
+	- jetty <unfixed> (unimportant)
+	NOTE: only in unstable, only in contrib, fairly unmaintained
 CVE-2009-1523 (Directory traversal vulnerability in the HTTP server in Mort Bay
Jetty ...)
-	TODO: check
+	- jetty <unfixed> (unimportant)
+	NOTE: only in unstable, only in contrib, fairly unmaintained
 CVE-2009-1522 (The IBM Tivoli Storage Manager (TSM) client 5.5.0.0 through
5.5.1.17 ...)
-	TODO: check
+	NOT-FOR-US: Tivoli
 CVE-2009-1521 (Unspecified vulnerability in the Java GUI in the IBM Tivoli
Storage ...)
-	TODO: check
+	NOT-FOR-US: Tivoli
 CVE-2009-1520 (Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager
(TSM) ...)
-	TODO: check
+	NOT-FOR-US: Tivoli
 CVE-2009-XXXX [moin: XSS in AttachFile.py via attachements]
 	- moin <unfixed> (low; bug #526594)
 	[lenny] - moin 1.7.1-3+lenny2