jmm-guest at alioth.debian.org
2007-Sep-10 23:29 UTC
[Secure-testing-commits] r6569 - data/CVE
Author: jmm-guest
Date: 2007-09-10 23:29:02 +0000 (Mon, 10 Sep 2007)
New Revision: 6569
Modified:
data/CVE/list
Log:
- ezpublish is in the archive
- there are more affected versions than apache 2.3.0, it''s even linked
from the CVE description:
http://httpd.apache.org/security/vulnerabilities_2[02].html
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-09-10 23:03:53 UTC (rev 6568)
+++ data/CVE/list 2007-09-10 23:29:02 UTC (rev 6569)
@@ -609,9 +609,9 @@
CVE-2007-4495 (Unspecified vulnerability in the ata disk driver in Sun Solaris
10 on ...)
NOT-FOR-US: Solaris
CVE-2007-4494 (The tipafriend function in eZ publish before 3.8.9, and 3.9
before ...)
- NOT-FOR-US: eZ publish
+ - ezpublish <unfixed>
CVE-2007-4493 (eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly
check ...)
- NOT-FOR-US: eZ publish
+ - ezpublish <unfixed>
CVE-2007-4492 (Multiple unspecified vulnerabilities in the ata disk driver in
Sun ...)
NOT-FOR-US: Solaris
CVE-2007-4491 (SQL injection vulnerability in uyeler2.php in Gurur haber 2.0
allows ...)
@@ -2010,8 +2010,7 @@
{DSA-1356-1}
- linux-2.6 2.6.22-4
CVE-2007-3847 (The date handling code in modules/proxy/proxy_util.c (mod_proxy)
in ...)
- - apache2 <not-affected> (low)
- NOTE: Only 2.3.0 affected
+ - apache2 <unfixed>
CVE-2007-3846 (Directory traversal vulnerability in Subversion before 1.4.5, as
used ...)
NOT-FOR-US: TortoiseSVN on Windows
CVE-2007-3845 (Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and
2.x ...)