joeyh at alioth.debian.org
2008-Aug-20 21:14 UTC
[Secure-testing-commits] r9614 - data/CVE
Author: joeyh
Date: 2008-08-20 21:14:09 +0000 (Wed, 20 Aug 2008)
New Revision: 9614
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-08-20 18:52:25 UTC (rev 9613)
+++ data/CVE/list 2008-08-20 21:14:09 UTC (rev 9614)
@@ -1,20 +1,26 @@
CVE-2008-3699 [insecure tmp file usage in amarok]
- amarok 1.4.10-1 (low; bug #494765)
CVE-2008-3740 [drupal XSS]
+ {DTSA-156-1}
- drupal5 5.10-1 (low; bug #495122)
TODO: check drupal4.7
CVE-2008-3741 [drupal XSS]
+ {DTSA-156-1}
- drupal5 5.10-1 (low; bug #495122)
TODO: check drupal4.7
CVE-2008-3742 [drupal file uploads via blogApi]
+ {DTSA-156-1}
- drupal5 5.10-1 (medium; bug #495122)
TODO: check drupal4.7
CVE-2008-3743 [drupal CSRF]
+ {DTSA-156-1}
- drupal5 <not-affected> (Vulnerable code not present)
CVE-2008-3744 [drupal CSRF]
+ {DTSA-156-1}
- drupal5 5.10-1 (low; bug #495122)
TODO: check drupal4.7
CVE-2008-3745 [drupal upload module privilege escalation]
+ {DTSA-156-1}
- drupal5 <not-affected> (Vulnerable code only present in 6.x)
CVE-2008-3666 (Unspecified vulnerability in Sun Solaris 10 and OpenSolaris
before ...)
NOT-FOR-US: Sun Solaris 10
@@ -1595,7 +1601,7 @@
[etch] - postfix <no-dsa> (minor issue)
CVE-2008-2936 [postfix hardlink to symlink priv esc]
RESERVED
- {DSA-1629-1 DTSA-155-1}
+ {DSA-1629-2 DSA-1629-1 DTSA-155-1}
- postfix 2.5.4-1
CVE-2008-2935 (Multiple heap-based buffer overflows in the rc4 (1) encryption
(aka ...)
{DSA-1624-1 DTSA-152-1}