Author: alec-guest Date: 2006-05-19 15:23:35 +0000 (Fri, 19 May 2006) New Revision: 3980 Modified: data/CVE/list Log: found fixed version of jetty, knowledgetree, and libextractor Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-05-19 15:01:50 UTC (rev 3979) +++ data/CVE/list 2006-05-19 15:23:35 UTC (rev 3980) @@ -1,5 +1,5 @@ CVE-2006-2458 (Multiple heap-based buffer overflows in Libextractor 0.5.13 and ...) - TODO: check + libextractor 0.5.14-1 CVE-2006-2457 RESERVED CVE-2006-2456 @@ -5456,7 +5456,7 @@ CVE-2003-1290 (BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI ...) NOT-FOR-US: BEA WebLogic Server CVE-2006-2443 (The Debian package of knowledgetree 2.0.7 creates environment.php with ...) - - knowledgetree <unfixed> (bug #348306; medium) + - knowledgetree 2.0.7-2 (bug #348306; medium) CVE-2006-XXXX [php5 response splitting] - php5 5.1.2-1 (bug #347894) - php4 <not-affected> (vulnerable code was introduced in PHP5) @@ -7946,7 +7946,7 @@ CVE-2005-3748 (SQL injection vulnerability in the Search module in Tru-Zone Nuke ET ...) NOT-FOR-US: Tru-Zone Nuke ET CVE-2005-3747 (Unspecified vulnerability in Jetty before 5.1.6 allows remote ...) - - jetty <unfixed> (bug #340582; medium) + - jetty 5.1.8-1 (bug #340582; medium) CVE-2005-3746 (SQL injection vulnerability in thread.php in APBoard allows remote ...) NOT-FOR-US: APBoard CVE-2005-3745 (Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and ...)