Author: jmm-guest
Date: 2010-08-01 22:21:24 +0000 (Sun, 01 Aug 2010)
New Revision: 15096
Modified:
data/CVE/list
Log:
adjust glpi to maintenance status
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-08-01 21:15:02 UTC (rev 15095)
+++ data/CVE/list 2010-08-01 22:21:24 UTC (rev 15096)
@@ -5164,7 +5164,8 @@
- alien-arena 7.33-5 (low; bug #575621)
[lenny] - alien-arena 7.0-1+lenny2
CVE-2010-XXXX [phpCAS XSS in final_uri; PHPCAS-52]
- - glpi 0.72.4-2 (bug #574760)
+ - glpi 0.72.4-2 (bug #574760; unimportant)
+ NOTE: Only supported behind an authenticated HTTP zone
NOTE: http://www.ja-sig.org/issues/browse/PHPCAS-52
CVE-2010-1028 (Integer overflow in the decompression functionality in the Web
Open ...)
- xulrunner <not-affected> (vulnerability introduced in firefox 3.6)
@@ -22354,7 +22355,8 @@
- squid3 3.0.STABLE8-3 (medium)
[etch] - squid <not-affected> (Vulnerable code not present)
CVE-2009-XXXX [glpi sql injection]
- - glpi 0.71.5-1 (bug #513611)
+ - glpi 0.71.5-1 (bug #513611; unimportant)
+ NOTE: Only supported behind an authenticated HTTP zone
CVE-2009-0490 (Stack-based buffer overflow in the
String_parse::get_nonspace_quoted ...)
{DTSA-192-1}
- audacity 1.3.6-1 (bug #514138)
@@ -25167,7 +25169,8 @@
CVE-2008-XXXX [multiple vulnerabilities in phpcas]
- libphp-cas <itp> (bug #495542)
- moodle <unfixed>
- - glpi <unfixed>
+ - glpi <unfixed> (unimportant)
+ NOTE: Only supported behind an authenticated HTTP zone
NOTE: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82
NOTE: upstream has been notified
TODO: write proper advisory and request CVE id