Author: nion Date: 2008-07-26 19:26:46 +0000 (Sat, 26 Jul 2008) New Revision: 9423 Modified: data/CVE/list Log: proper upstream fix for CVE-2008-3222 in drupal5 5.8-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-07-26 17:28:03 UTC (rev 9422) +++ data/CVE/list 2008-07-26 19:26:46 UTC (rev 9423) @@ -191,7 +191,7 @@ - drupal5 <not-affected> (Vulnerable code not present, openids introduced in 6.0) - drupal-4.7 <not-affected> (Vulnerable code not present, openids introduced in 6.0) CVE-2008-3222 [session fixation vulnerability] - - drupal5 5.8-1 (low; bug #490559) + - drupal5 5.9-1 (low; bug #490559) - drupal-4.7 <unfixed> (low) TODO: report drupal-4.7 bug (see modules/user.module line 964, sess_regenerate() needs to be called) NOTE: before login action
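Review bot: The log message names drupal5 5.8-1, while the `+` line in the CVE-2008-3222 entry records 5.9-1 as the fixed version, so the log can be read as saying the fix is in 5.8-1. If the intent is that the earlier 5.8-1 marking was incomplete and the proper upstream fix arrives in 5.9-1, the log should name 5.9-1 so the tracker history matches the entry. In the unchanged context of the same hunk, the drupal-4.7 TODO and the following NOTE ("before login action") read as one sentence split across two tags; folding the NOTE into the TODO would make it clear that sess_regenerate() needs to be called before the login action, and the drupal-4.7 line stays <unfixed> with no bug number until that report is filed.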