stef-guest at alioth.debian.org
2007-Dec-29 09:35 UTC
[Secure-testing-commits] r7753 - data/CVE
Author: stef-guest Date: 2007-12-29 09:35:19 +0000 (Sat, 29 Dec 2007) New Revision: 7753 Modified: data/CVE/list Log: new mongrel issue; info for autofs5 issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-12-29 09:14:09 UTC (rev 7752) +++ data/CVE/list 2007-12-29 09:35:19 UTC (rev 7753) @@ -1,3 +1,5 @@ +CVE-2007-XXXX [mongrel remote arbitrary file disclosure] + - mongrel 1.1.3-1 (medium) CVE-2007-6564 (Cross-site scripting (XSS) vulnerability in admin.php in Limbo CMS ...) NOT-FOR-US: Limbo CMS CVE-2007-6563 (Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly ...) @@ -650,7 +652,8 @@ CVE-2007-6286 RESERVED CVE-2007-6285 (The default configuration for autofs 5 (autofs5) on Red Hat Enterprise ...) - TODO: file bug (autofs5 is in experimental) + NOTE: maintainer will patch autofs5 in upload to unstable + TODO: check when autofs5 hits unstable - autofs <not-affected> (-hosts feature not present, auto.net has nosuid,nodev) - autofs5 <unfixed> CVE-2007-6284 @@ -1444,7 +1447,8 @@ CVE-2007-5964 (The default configuration of autofs 5 in Red Hat Enterprise Linux ...) - autofs 3.1.4-8 (medium) - autofs5 <unfixed> - TODO: file bug (autofs5 in experimental) + NOTE: maintainer will patch autofs5 in upload to unstable + TODO: check when autofs5 hits unstable CVE-2007-5963 (Unspecified vulnerability in kdebase allows local users to cause a ...) - kdebase <unfixed> (unimportant) NOTE: This has only theoretical security impact