Author: nion Date: 2008-02-13 20:48:55 +0000 (Wed, 13 Feb 2008) New Revision: 8154 Modified: data/CVE/list Log: update on CVE-2007-6286, copied wrong CVE id first Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-02-13 20:47:29 UTC (rev 8153) +++ data/CVE/list 2008-02-13 20:48:55 UTC (rev 8154) @@ -2556,8 +2556,9 @@ CVE-2007-6287 (Cross-site scripting (XSS) vulnerability in the login page in Lxlabs ...) NOT-FOR-US: HyperVM CVE-2007-6286 (Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the ...) - - tomcat5.5 unfixed (medium; bug #465644) - - tomcat5 <removed> + TODO: check + NOTE: poked maintainer if we make use of the apr backend, I guess not because + NOTE: libapr is not the build-deps CVE-2007-6285 (The default configuration for autofs 5 (autofs5) in some Linux ...) NOTE: maintainer will patch autofs5 in upload to unstable TODO: check when autofs5 hits unstable