Author: nion Date: 2008-10-03 14:36:33 +0000 (Fri, 03 Oct 2008) New Revision: 9965 Modified: data/CVE/list Log: add note for CVE-2008-4297, impact low Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-03 12:54:54 UTC (rev 9964) +++ data/CVE/list 2008-10-03 14:36:33 UTC (rev 9965) @@ -225,8 +225,8 @@ CVE-2008-4299 (A certain ActiveX control in the Microsoft Internet Authentication ...) NOT-FOR-US: Microsoft CVE-2008-4297 (Mercurial before 1.0.2 does not enforce the allowpull permission ...) - - mercurial <unfixed> (bug #500781) - NOTE: https://issues.rpath.com/browse/RPL-2753 + - mercurial <unfixed> (low; bug #500781) + NOTE: the package doesnt install this script by default but ships it with the examples CVE-2008-4296 (The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its ...) NOT-FOR-US: Cisco Linksys WRT350N CVE-2008-4295 (Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices ...)