jmm-guest at alioth.debian.org
2008-Jan-01 17:34 UTC
[Secure-testing-commits] r7779 - in data: . CVE
Author: jmm-guest Date: 2008-01-01 17:34:15 +0000 (Tue, 01 Jan 2008) New Revision: 7779 Modified: data/CVE/list data/spu-candidates.txt Log: updates on minor issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-01-01 16:28:15 UTC (rev 7778) +++ data/CVE/list 2008-01-01 17:34:15 UTC (rev 7779) @@ -5655,8 +5655,12 @@ NOT-FOR-US: ABC eStore CVE-2007-4626 (Unspecified vulnerability in Polipo before 1.0.2 allows remote ...) - polipo 1.0.2-1 (low) + [sarge] - polipo <no-dsa> (Minor issue) + [etch] - polipo <no-dsa> (Minor issue) CVE-2007-4625 (Polipo before 1.0.2 allows remote HTTP servers to cause a denial of ...) - - polipo 1.0.2-1 + - polipo 1.0.2-1 (low) + [sarge] - polipo <no-dsa> (Minor issue) + [etch] - polipo <no-dsa> (Minor issue) CVE-2007-4624 (Cross-site scripting (XSS) vulnerability in pframe.php in AbleDesign ...) NOT-FOR-US: AbleDesign Dynamic Picture Frame CVE-2007-4623 (Stack-based buffer overflow in the sendrmt function in bellmail in IBM ...) @@ -10400,9 +10404,9 @@ CVE-2007-2631 (Cross-site request forgery (CSRF) vulnerability in SquirrelMail ...) NOTE: Duplicate of CVE-2007-2589 CVE-2007-2630 (Incomplete blacklist vulnerability in ...) - - moin 1.5.8-4.1 + - moin 1.5.8-4.1 (unimportant) - karrigell <not-affected> (Vulnerable php code not present) - - knowledgeroot 0.9.8.2-2 + - knowledgeroot 0.9.8.2-2 (unimportant) CVE-2007-2629 (Bradford CampusManager Network Control Application Server 3.1(6) ...) NOT-FOR-US: Bradford CVE-2007-2628 (PHP remote file inclusion vulnerability in include/logout.php in ...) @@ -11476,7 +11480,9 @@ NOT-FOR-US: OpenSurveyPilot CVE-2007-2165 (The Auth API in ProFTPD before 20070417, when multiple simultaneous ...) - proftpd 1.3.0-24 (low) + [sarge] - proftpd <no-dsa> (Minor issue) - proftpd-dfsg 1.3.0-24 (low) + [etch] - proftpd-dfsg <no-dsa> (Minor issue) CVE-2007-2164 (Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial ...) - kdelibs <unfixed> (unimportant) NOTE: Browser crashes are not treated as security problems Modified: data/spu-candidates.txt ==================================================================--- data/spu-candidates.txt 2008-01-01 16:28:15 UTC (rev 7778) +++ data/spu-candidates.txt 2008-01-01 17:34:15 UTC (rev 7779) @@ -22,6 +22,10 @@ -- +proftpd (CVE-2007-2165) + +-- + python2.4, python2.5 (CVE-2007-4965) http://bugs.python.org/issue1179 notified maintainer