thr3ads.net - Secure testing commits - [Secure-testing-commits] r6390

If this information is useful, please help other people find it:
Share via:

thijs at alioth.debian.org

2007-Aug-24 09:50 UTC

[Secure-testing-commits] r6390 - data/CVE

Author: thijs
Date: 2007-08-24 09:50:11 +0000 (Fri, 24 Aug 2007)
New Revision: 6390

Modified:
   data/CVE/list
Log:
reported bug for websvn.
Websvn does not have cookie based authentication by itself.
I therefore don''t think this is serious enough for a stable update.


Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-08-24 09:27:16 UTC (rev 6389)
+++ data/CVE/list	2007-08-24 09:50:11 UTC (rev 6390)
@@ -3223,7 +3223,9 @@
 CVE-2007-3057 (PHP remote file inclusion vulnerability in ...)
 	NOT-FOR-US: XOOPS
 CVE-2007-3056 (Cross-site scripting (XSS) vulnerability in filedetails.php in
WebSVN ...)
-	- websvn <unfixed> (low)
+	- websvn <unfixed> (low; bug #439337)
+	NOTE: Websvn does not have cookie based authentication by itself.
+	NOTE: I therefore don''t think this is serious enough for a stable
update.
 CVE-2007-3055 (Cross-site scripting (XSS) vulnerability in index.php in Codelib
...)
 	NOT-FOR-US: Codelib Linker
 CVE-2007-3054 (Cross-site scripting (XSS) vulnerability in search.php in
Codelib ...)

Secure testing commits - Aug 2007 - r6390 - data/CVE

[Secure-testing-commits] r6390 - data/CVE