Author: corsac Date: 2012-01-19 12:58:19 +0000 (Thu, 19 Jan 2012) New Revision: 18217 Modified: data/CVE/list Log: mark CVE-2010-1104 and CVE-2011-4924 as affecting zope2 and zope3 Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-01-19 11:37:03 UTC (rev 18216) +++ data/CVE/list 2012-01-19 12:58:19 UTC (rev 18217) @@ -1355,7 +1355,13 @@ CVE-2011-4925 (Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource ...) - torque <not-affected> (The version in Debian doesn''t yet have MUNGE support) CVE-2011-4924 - RESERVED + - zope3 <removed> (low) + - zope2.10 <removed> (low) + [lenny] - zope2.10 <no-dsa> (Minor issue) + [lenny] - zope3 <no-dsa> (Minor issue) + - zope2.11 <removed> + - zope2.9 <removed> + NOTE: http://openwall.com/lists/oss-security/2012/01/19/16 CVE-2011-4923 [backuppc xss issue] RESERVED - backuppc 3.2.1-2 (bug #646865) @@ -28743,7 +28749,10 @@ NOT-FOR-US: Moa Gallery CVE-2010-1104 (Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, ...) - zope2.10 <removed> (low) + - zope3 <removed> (low) + - zope2.10 <removed> (low) [lenny] - zope2.10 <no-dsa> (Minor issue) + [lenny] - zope3 <no-dsa> (Minor issue) - zope2.11 <removed> - zope2.9 <removed> NOTE: https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html