white at alioth.debian.org
2007-Oct-07 07:35 UTC
[Secure-testing-commits] r6841 - data/CVE
Author: white Date: 2007-10-07 07:35:03 +0000 (Sun, 07 Oct 2007) New Revision: 6841 Modified: data/CVE/list Log: libservlet2.4-java also affected by CVE-2007-4724 Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-10-07 02:54:42 UTC (rev 6840) +++ data/CVE/list 2007-10-07 07:35:03 UTC (rev 6841) @@ -1116,6 +1116,7 @@ CVE-2007-4724 (Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the ...) - tomcat5.5-webapps <not-affected> (Version already ships fixed files) - tomcat5-webapps <unfixed> (low; bug #441205) + - libservlet2.4-java <unfixed> (low) NOTE: DSA should not be required, minor issue, jsp just present as example CVE-2007-4723 (Directory traversal vulnerability in Ragnarok Online Control Panel ...) NOT-FOR-US: Ragnarok