Secure testing commits - Feb 2009 - r11209 - data/CVE

Author: joeyh
Date: 2009-02-13 21:14:13 +0000 (Fri, 13 Feb 2009)
New Revision: 11209

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-02-13 21:03:46 UTC (rev 11208)
+++ data/CVE/list	2009-02-13 21:14:13 UTC (rev 11209)
@@ -1,13 +1,13 @@
 CVE-2009-XXXX [nautilus: potential exploits via application launchers]
-        - nautilus <unfixed> (medium; bug #515104)
-        [lenny] - nautilus <unfixed>
-        [etch] - nautilus <unfixed>
-        NOTE: need to submit a request for CVE id
+	- nautilus <unfixed> (medium; bug #515104)
+	[lenny] - nautilus <unfixed>
+	[etch] - nautilus <unfixed>
+	NOTE: need to submit a request for CVE id
 CVE-2009-XXXX [konqueror: potential exploits via application launchers]
-        - konqueror <unfixed> (medium; bug #515106)
-        [lenny] - konqueror <unfixed>
-        [etch] - konqueror <unfixed>
-        NOTE: need to submit a request for CVE id
+	- konqueror <unfixed> (medium; bug #515106)
+	[lenny] - konqueror <unfixed>
+	[etch] - konqueror <unfixed>
+	NOTE: need to submit a request for CVE id
 CVE-2009-XXXX [mediawiki XSS in installer scripts]
 	[lenny] - mediawiki 1:1.12.0-2lenny3 (low; bug #514547)
 	NOTE: CVE id was requested on oss-sec
@@ -96,6 +96,7 @@
 CVE-2009-XXXX [tor: DoS vulnerability that could be performed by a directory
mirror]
 	- tor 0.2.0.34-1 (bug #514580)
 CVE-2009-0502 (Cross-site scripting (XSS) vulnerability in
blocks/html/block_html.php ...)
+	{DSA-1724-1}
 	- moodle 1.8.2.dfsg-3 (low)
 	TODO: check snoopy and code copies
 	NOTE: MSA-09-0004
@@ -104,7 +105,7 @@
 	- moodle <unfixed> (low) 
 	[etch] - moodle <not-affected> (Vulnerable code not present)
 CVE-2009-0500 (Cross-site scripting (XSS) vulnerability in course/lib.php in
Moodle ...)
-	{DTSA-195-1}
+	{DSA-1724-1 DTSA-195-1}
 	- moodle 1.8.2.dfsg-3 (low)
 CVE-2009-0499 (Cross-site request forgery (CSRF) vulnerability in the forum
code in ...)
 	- moodle 1.8.2.dfsg-3 (low)
@@ -3497,6 +3498,7 @@
 	- p3nfs 5.19-1.2 (low; bug #506270)
 	[etch] - p3nfs <no-dsa> (Minor issue)
 CVE-2008-5153 (spell-check-logic.cgi in Moodle 1.8.2 allows local users to
overwrite ...)
+	{DSA-1724-1}
 	- moodle <unfixed> (unimportant)
 	NOTE: manual editing of file is required to run the unsafe code
 CVE-2008-5152 (inmail-show in mh-book 200605 allows local users to overwrite
...)