thr3ads.net - Secure testing commits - [Secure-testing-commits] r8597

If this information is useful, please help other people find it:
Share via:

thijs at alioth.debian.org

2008-Apr-23 10:38 UTC

[Secure-testing-commits] r8597 - data/CVE

Author: thijs
Date: 2008-04-23 10:38:28 +0000 (Wed, 23 Apr 2008)
New Revision: 8597

Modified:
   data/CVE/list
Log:
two new serendipity issues, fixed in sid


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-04-23 09:41:36 UTC (rev 8596)
+++ data/CVE/list	2008-04-23 10:38:28 UTC (rev 8597)
@@ -1151,9 +1151,14 @@
 CVE-2008-1387 (ClamAV before 0.93 allows remote attackers to cause a denial of
...)
 	- clamav 0.92.1~dfsg2-1
 	[etch] - clamav <not-affected> (Vulnerable code not present)
-CVE-2008-1386
+CVE-2008-1386 [serendipity xss]
+	- serendipity 1.3.1-1
+	NOTE: http://blog.s9y.org/archives/193-Serendipity-1.3.1-released.html
 	RESERVED
-CVE-2008-1385
+CVE-2008-1385 [serendipity xss]
+	- serendipity 1.3.1-1
+	NOTE: http://blog.s9y.org/archives/193-Serendipity-1.3.1-released.html
+	NOTE: One of these two issues seems very theoretical, other one needs further
assessment
 	RESERVED
 CVE-2008-1384 (Integer overflow in PHP 5.2.5 and earlier allows
context-dependent ...)
 	- php5 <unfixed> (unimportant)

Secure testing commits - Apr 2008 - r8597 - data/CVE

[Secure-testing-commits] r8597 - data/CVE