Author: nion Date: 2007-11-08 21:11:40 +0000 (Thu, 08 Nov 2007) New Revision: 7248 Modified: data/CVE/list Log: CVE-2007-5828 python-django not an issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-08 20:57:05 UTC (rev 7247) +++ data/CVE/list 2007-11-08 21:11:40 UTC (rev 7248) @@ -113,7 +113,9 @@ CVE-2007-5829 (The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and ...) NOT-FOR-US: Symantec AntiVirus CVE-2007-5828 (Cross-site request forgery (CSRF) vulnerability in the admin panel in ...) - TODO: check + - python-django <unfixed> (unimportant) + NOTE: this is documented in docs/csrf.txt included in the python-django package and + NOTE: there is a plugin enabling this feature. This is intended behaviour. CVE-2007-5827 (iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for ...) - iscsitarget 0.4.15-5 (bug #448873) NOTE: init script has "dump" function, which marks conffile correctly