thr3ads.net - Secure testing commits - [Secure-testing-commits] r9373

If this information is useful, please help other people find it:
Share via:

white at alioth.debian.org

2008-Jul-18 13:02 UTC

[Secure-testing-commits] r9373 - data/CVE

Author: white
Date: 2008-07-18 13:02:55 +0000 (Fri, 18 Jul 2008)
New Revision: 9373

Modified:
   data/CVE/list
Log:
New bugzilla3 not-affected by older CVEs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-07-18 10:21:38 UTC (rev 9372)
+++ data/CVE/list	2008-07-18 13:02:55 UTC (rev 9373)
@@ -13598,10 +13598,8 @@
 	NOT-FOR-US: Olate Download
 CVE-2007-4539 (The WebService (XML-RPC) interface in Bugzilla 2.23.3 through
3.0.0 ...)
 	- bugzilla <not-affected> (source code is too old to inlude this
vulnerability)
-	TODO: check when newer upstream version enters the pool (> 2.22.1-2.2)
 CVE-2007-4538 (email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote
attackers ...)
 	- bugzilla <not-affected> (source code is too old to inlude this
vulnerability)
-	TODO: check when newer upstream version enters the pool (> 2.22.1-2.2)
 CVE-2007-4537 (Heap-based buffer overflow in the Huffman decompression
algorithm ...)
 	NOT-FOR-US: Skulltag
 CVE-2007-4536 (TorrentTrader 1.07 and earlier sets insecure permissions for
files in ...)

Secure testing commits - Jul 2008 - r9373 - data/CVE

[Secure-testing-commits] r9373 - data/CVE