white at alioth.debian.org
2009-Feb-22 10:22 UTC
[Secure-testing-commits] r11249 - data/CVE
Author: white Date: 2009-02-22 10:22:01 +0000 (Sun, 22 Feb 2009) New Revision: 11249 Modified: data/CVE/list Log: new ruby issue; new webkit issue reported to BTS Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-02-21 05:28:21 UTC (rev 11248) +++ data/CVE/list 2009-02-22 10:22:01 UTC (rev 11249) @@ -103,7 +103,8 @@ CVE-2009-0643 (Static code injection vulnerability in post.php in Simple PHP News 1.0 ...) NOT-FOR-US: Simple PHP News CVE-2009-0642 (ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check ...) - TODO: check + - ruby1.9 <unfixed> (bug #513528) + - ruby1.8 <unfixed> CVE-2009-0641 (sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions ...) TODO: check CVE-2009-0640 (Directory traversal vulnerability in the administrative web server in ...) @@ -814,7 +815,7 @@ CVE-2008-6060 (Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary ...) NOT-FOR-US: InfoSoft FusionCharts CVE-2008-6059 (xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not ...) - TODO: check + - webkit <unfixed> (bug #516555) CVE-2008-6058 (Syslserve 1.058 and earlier, and probably 1.059, allows remote ...) NOT-FOR-US: Syslserve CVE-2008-6057 (Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under ...)