Author: derevko-guest
Date: 2010-03-30 07:37:43 +0000 (Tue, 30 Mar 2010)
New Revision: 14355
Modified:
data/CVE/list
Log:
CVE-2009-4609 and CVE-2009-4610: jetty in Debian is not affected
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-03-29 21:22:32 UTC (rev 14354)
+++ data/CVE/list 2010-03-30 07:37:43 UTC (rev 14355)
@@ -2394,9 +2394,11 @@
CVE-2009-4611 (Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without
sanitizing ...)
- jetty 6.1.22-1
CVE-2009-4610 (Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay
Jetty ...)
- - jetty <unfixed> (low; bug #575790)
+ - jetty <not-affected> (low; bug #575790)
+ NOTE: the exploitable servlet is not shipped in Debian packages
CVE-2009-4609 (The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote
...)
- - jetty <unfixed> (low; bug #575791)
+ - jetty <not-affected> (low; bug #575791)
+ NOTE: the exploitable servlet is not shipped in Debian packages
CVE-2010-0309 (The pit_ioport_read function in the Programmable Interval Timer
(PIT) ...)
{DSA-2010-1 DSA-1996-1}
- linux-2.6 2.6.32-8