Author: jmm-guest Date: 2010-11-17 20:19:45 +0000 (Wed, 17 Nov 2010) New Revision: 15598 Modified: data/CVE/list Log: - yaws issue windows-specific - mahara not-affected Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-11-17 08:59:32 UTC (rev 15597) +++ data/CVE/list 2010-11-17 20:19:45 UTC (rev 15598) @@ -115,7 +115,7 @@ CVE-2010-4182 (Untrusted search path vulnerability in the Data Access Objects (DAO) ...) NOT-FOR-US: Microsoft Windows CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote attackers ...) - - yaws <unfixed> (bug #603748) + - yaws <not-affected> (Only affects Windows) CVE-2010-4180 RESERVED CVE-2010-4179 @@ -828,8 +828,7 @@ CVE-2010-3872 RESERVED CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...) - - mahara <unfixed> (low; bug #603749) - [lenny] - mahara <not-affected> (Vulnerable file not included) + - mahara <not-affected> (Vulnerable feature introduced in 1.3) TODO: File was introduced after 1.2.6, so check that next sid version is at least 1.3.3 or higher CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...) - php5 <unfixed> (bug #603751)