Author: nion Date: 2007-10-23 15:40:36 +0000 (Tue, 23 Oct 2007) New Revision: 7077 Modified: data/CVE/list Log: CVE-2007-5380, CVE-2007-5379 fixed in rails 1.2.4-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-10-23 15:35:44 UTC (rev 7076) +++ data/CVE/list 2007-10-23 15:40:36 UTC (rev 7077) @@ -845,9 +845,9 @@ CVE-2007-5381 (Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco ...) NOT-FOR-US: Line Printer Daemon (LPD) Cisco CVE-2007-5380 (Session fixation vulnerability in Rails before 1.2.4, as used for Ruby ...) - TODO: check + - rails 1.2.4-1 CVE-2007-5379 (Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers ...) - TODO: check + - rails 1.2.4-1 CVE-2007-5378 (Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk ...) - tk8.3 8.3.5-10 (medium; bug #446465) - tk8.4 8.4.16-1 (medium) @@ -1413,7 +1413,7 @@ - util-linux 2.13-8 (low) - loop-aes-utils 2.13-2 (low) CVE-2007-5190 (Multiple cross-site scripting (XSS) vulnerabilities in Alcatel ...) - TODO: check + NOT-FOR-US: Alcatel OmniVista CVE-2007-5189 (Multiple SQL injection vulnerabilities in mes_add.php in x-script ...) NOT-FOR-US: X-Script CVE-2007-5188 (Unspecified vulnerability in the XOOPS uploader class in Xoops ...)