Author: nion Date: 2007-11-01 12:00:33 +0000 (Thu, 01 Nov 2007) New Revision: 7175 Modified: data/CVE/list Log: CVE-2007-5686 unimportant issue on Debian Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-01 11:49:59 UTC (rev 7174) +++ data/CVE/list 2007-11-01 12:00:33 UTC (rev 7175) @@ -106,7 +106,9 @@ CVE-2007-5687 (Multiple buffer overflows in the rich text processing functionality in ...) NOT-FOR-US: JustSystems Ichitaro CVE-2007-5686 (initscripts in rPath Linux 1 sets insecure permissions for the ...) - TODO: check + - login <unfixed> (unimportant) + NOTE: See #290803, on Debian LOG_UNKFAIL_ENAB in login.defs is set to no so + NOTE: unknown usernames are not recorded on login failures CVE-2007-5685 (The safe_path function in shttp before 0.0.5 allows remote attackers ...) NOT-FOR-US: shttp CVE-2007-5684 (Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and ...)