jmm-guest at alioth.debian.org
2008-Nov-17 18:18 UTC
[Secure-testing-commits] r10402 - data/CVE
Author: jmm-guest
Date: 2008-11-17 18:18:17 +0000 (Mon, 17 Nov 2008)
New Revision: 10402
Modified:
data/CVE/list
Log:
ktorrent fixed
one ruby issue fixed
tomcat6 not affected, just an API package
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-11-17 18:17:28 UTC (rev 10401)
+++ data/CVE/list 2008-11-17 18:18:17 UTC (rev 10402)
@@ -521,7 +521,7 @@
NOT-FOR-US: Simple PHP Scripts blog
CVE-2008-XXXX [ktorrent issues]
- ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178)
- - ktorrent <unfixed>
+ - ktorrent 3.1.4+dfsg.1-1
CVE-2008-XXXX [epiphany-browser: Python scripts load modules from current
directory]
- epiphany-browser 2.22.3-7 (bug #504363; low)
[etch] - epiphany-browser <no-dsa> (Minor issue, only vulnerable when
called from certain dir)
@@ -2610,7 +2610,7 @@
CVE-2008-3905 (resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287,
1.8.7 ...)
{DSA-1652-1 DSA-1651-1}
- ruby1.8 1.8.7.72-1 (bug #498978)
- - ruby1.9 <unfixed> (bug #498977)
+ - ruby1.9 1.9.0.2-6 (bug #498977)
CVE-2008-3903 (Asterisk PBX 1.2 through 1.6 and Trixbox PBX 2.6.1, when running
with ...)
NOT-FOR-US: Asterisk PBX
CVE-2008-3902 (HP firmware 68DTT F.0D stores pre-boot authentication passwords
in the ...)
@@ -5010,7 +5010,6 @@
- apache <not-affected> (vulnerable code not present)
CVE-2008-2938 (Directory traversal vulnerability in Apache Tomcat 4.1.0 through
...)
- tomcat5.5 5.5.26-5 (low; bug #496309)
- - tomcat6 <unfixed> (low)
CVE-2008-2937 (Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to
a ...)
- postfix 2.5.4-1 (low)
[etch] - postfix <no-dsa> (minor issue)
@@ -6354,7 +6353,6 @@
- pcre3 7.6-2.1 (medium; bug #488919)
CVE-2008-2370 (Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and
6.0.0 ...)
- tomcat5.5 5.5.26-4 (bug #494504)
- - tomcat6 <unfixed> (low)
CVE-2008-2369 (manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has
a ...)
NOT-FOR-US: Red Hat Network Satellite Server
CVE-2008-2368
@@ -9050,7 +9048,6 @@
- icedove 2.0.0.14-1
CVE-2008-1232 (Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0
...)
- tomcat5.5 5.5.26-4 (low; bug #494504)
- - tomcat6 <unfixed> (low)
CVE-2008-1231 (Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104
and ...)
- jspwiki 2.8.0-1 (bug #470477)
CVE-2008-1230 (Unrestricted file upload vulnerability in JSPWiki 2.4.104 and
2.5.139 ...)