jmm-guest at alioth.debian.org
2007-Jul-31 21:51 UTC
[Secure-testing-commits] r6205 - data/CVE
Author: jmm-guest Date: 2007-07-31 21:51:21 +0000 (Tue, 31 Jul 2007) New Revision: 6205 Modified: data/CVE/list Log: python no-dsa trac non-issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-31 21:41:01 UTC (rev 6204) +++ data/CVE/list 2007-07-31 21:51:21 UTC (rev 6205) @@ -4674,6 +4674,7 @@ CVE-2007-2052 (Off-by-one error in the PyLocale_strxfrm function in ...) - python2.4 2.4.4-3 (bug #416931; low) - python2.5 <unfixed> (bug #416934; low) + [etch] - python2.5 <no-dsa> (Minor issue) - python2.3 <unfixed> (low) CVE-2007-2051 (Buffer overflow in the parsecmd function in bftpd before 1.8 has ...) NOT-FOR-US: bftpd @@ -6240,10 +6241,12 @@ NOT-FOR-US: Quick.Cart CVE-2007-1406 (Trac before 0.10.3.1 does not send a Content-Disposition HTTP header ...) [etch] - trac 0.10.3-1etch1 - - trac <unfixed> (low; bug #414134; bug #420219) + - trac 0.10.4-1 (unimportant; bug #414134; bug #420219) + NOTE: Browser bug, only exploitable on IE, still fixed in a point release CVE-2007-1405 (Cross-site scripting (XSS) vulnerability in the "download wiki page as ...) [etch] - trac 0.10.3-1etch1 - - trac <unfixed> (low; bug #414134; bug #420219) + - trac 0.10.4-1 (unimportant; bug #414134; bug #420219) + NOTE: Browser bug, only exploitable on IE, still fixed in a point release CVE-2007-1404 (tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 allows remote ...) NOT-FOR-US: ProSysInfo TFTP Server CVE-2007-1403 (Multiple stack-based buffer overflows in an ActiveX control in ...)