Author: geissert Date: 2011-02-14 01:57:43 +0000 (Mon, 14 Feb 2011) New Revision: 16137 Modified: data/CVE/list Log: two, minor, python issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-02-14 01:45:26 UTC (rev 16136) +++ data/CVE/list 2011-02-14 01:57:43 UTC (rev 16137) @@ -1,3 +1,8 @@ +CVE-2008-XXXX [path traversal in SimpleHTTPServer] + - python2.5 <unfixed> + - python2.4 <removed> + NOTE: looks like it is fixed since 2.6 and 3.0 + NOTE: http://bugs.python.org/issue2254 CVE-2010-XXXX [kfreebsd dos] - kfreebsd-8 <undetermined> (bug #613312) - kfreebsd-7 <undetermined> (bug #613312) @@ -672,8 +677,15 @@ RESERVED CVE-2011-0706 RESERVED -CVE-2011-0705 +CVE-2011-0705 [path traversal in SimpleHTTPServer] RESERVED + - python3.2 <unfixed> + - python3.1 <unfixed> + - python2.7 <unfixed> + - python2.6 <unfixed> + - python2.5 <unfixed> + - python2.4 <removed> + NOTE: http://bugs.python.org/issue11197 CVE-2011-0704 RESERVED CVE-2011-0703 @@ -1814,6 +1826,7 @@ RESERVED - patch <unfixed> (unimportant) NOTE: Applying a patch blindly opens more severe security issues than only directory traversal... + NOTE: openwall ships a fix CVE-2010-4650 RESERVED - linux-2.6 2.6.32-30