stef-guest at alioth.debian.org
2008-Sep-06 09:39 UTC
[Secure-testing-commits] r9768 - data/CVE
Author: stef-guest Date: 2008-09-06 09:39:45 +0000 (Sat, 06 Sep 2008) New Revision: 9768 Modified: data/CVE/list Log: apache2 stable updates Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-09-06 01:54:08 UTC (rev 9767) +++ data/CVE/list 2008-09-06 09:39:45 UTC (rev 9768) @@ -2255,7 +2255,7 @@ TODO: check CVE-2008-2939 (Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the ...) - apache2 2.2.9-7 (low) - [etch] - apache2 <no-dsa> (minor issue) + [etch] - apache2 <no-dsa> (minor issue; fix will be in 2.2.3-4+etch6) - apache <not-affected> (vulnerable code not present) CVE-2008-2938 (Directory traversal vulnerability in Apache Tomcat 4.1.0 through ...) - tomcat5.5 <unfixed> (low; bug #496309) @@ -3614,6 +3614,7 @@ NOTE: f358166a9405e4f1d8e50d8f415c26d95505b6de CVE-2008-2364 (The ap_proxy_http_process_response function in mod_proxy_http.c in the ...) - apache2 2.2.9-1 (low) + [etch] - apache2 <no-dsa> (minor issue, fix will be in 2.2.3-4+etch6) TODO: check apache 1.3 CVE-2008-2363 (The PartsBatch class in Pan 0.132 and earlier does not properly manage ...) - pan 0.132-3.1 (bug #483562) @@ -9777,6 +9778,7 @@ - apache2 2.2.9-1 (low) [etch] - apache2 <no-dsa> (minor issue) [sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2) + NOTE: Won''t be fixed in etch. CVE-2007-6419 (Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, ...) NOT-FOR-US: HP-UX CVE-2007-6417 (The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through ...)