gilbert-guest at alioth.debian.org
2009-Mar-07 19:37 UTC
[Secure-testing-commits] r11350 - data/CVE
Author: gilbert-guest
Date: 2009-03-07 19:37:03 +0000 (Sat, 07 Mar 2009)
New Revision: 11350
Modified:
data/CVE/list
Log:
fixing various inconsistencies, see email on debian-security-tracker mailing
list
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-03-06 23:56:53 UTC (rev 11349)
+++ data/CVE/list 2009-03-07 19:37:03 UTC (rev 11350)
@@ -1194,11 +1194,19 @@
CVE-2009-0543 (ProFTPD Server 1.3.1, with NLS support enabled, allows remote
...)
{DSA-1730-1 DSA-1727-1}
- proftpd 1.3.2-1 (medium; bug #516388)
+ [etch] - proftpd <not-affected>
+ [lenny] - proftpd 1.3.1-17lenny2
- proftpd-basic 1.3.2-1 (medium; bug #516388)
+ [etch] - proftpd-basic <not-affected>
+ [lenny] - proftpd-basic 1.3.1-17lenny2
CVE-2009-0542 (SQL injection vulnerability in ProFTPD Server 1.3.1 through
1.3.2rc2 ...)
{DSA-1730-1 DSA-1727-1}
- proftpd 1.3.2-1 (medium; bug #516388)
+ [etch] - proftpd <not-affected>
+ [lenny] - proftpd 1.3.1-17lenny2
- proftpd-basic 1.3.2-1 (medium; bug #516388)
+ [etch] - proftpd-basic <not-affected>
+ [lenny] - proftpd-basic 1.3.1-17lenny2
CVE-2009-0541 (Multiple cross-site scripting (XSS) vulnerabilities in Magento
1.2.0 ...)
NOT-FOR-US: Magento
CVE-2009-0540 (Cross-site scripting (XSS) vulnerability in Libero 5.3 SP5, and
...)
@@ -1911,9 +1919,11 @@
{DSA-1722-1 DSA-1721-1}
- libpam-heimdal 3.10-2.1
- libpam-krb5 3.13-2
+ [lenny] - libpam-krb5 3.11-4
CVE-2009-0360 (Russ Allbery pam-krb5 before 3.13, when linked against MIT
Kerberos, ...)
{DSA-1721-1}
- libpam-krb5 3.13-2
+ [lenny] - libpam-krb5 3.11-4
CVE-2009-0359 (Multiple cross-site scripting (XSS) vulnerabilities in Samizdat
before ...)
{DTSA-194-1}
- samizdat <unfixed>
@@ -4798,7 +4808,8 @@
[etch] - p3nfs <no-dsa> (Minor issue)
CVE-2008-5153 (spell-check-logic.cgi in Moodle 1.8.2 allows local users to
overwrite ...)
{DSA-1724-1}
- - moodle <unfixed> (unimportant)
+ - moodle 1.8.2.2dfsg-4
+ [lenny] - moodle 1.8.2.dfsg-3+lenny1
NOTE: manual editing of file is required to run the unsafe code
CVE-2008-5152 (inmail-show in mh-book 200605 allows local users to overwrite
...)
- mh-book <unfixed> (unimportant)
@@ -7249,6 +7260,7 @@
{DSA-1733-1}
- vim 2:7.2.010-1 (low; bug #500381)
[lenny] - vim 1:7.1.314-3+lenny1
+ [squeeze] - vim 1:7.1.314-3+lenny1
CVE-2008-4098 (MySQL before 5.0.67 allows local users to bypass certain
privilege ...)
{DSA-1662-1}
- mysql-dfsg-5.0 5.0.67-1
@@ -9850,14 +9862,17 @@
{DSA-1733-1}
- vim 2:7.2.010-1 (bug #506919)
[lenny] - vim 1:7.1.314-3+lenny1 (bug #506919)
+ [squeeze] - vim 1:7.1.314-3+lenny1 (bug #506919)
CVE-2008-3075 (The shellescape function in Vim 7.0 through 7.2, including
7.2a.10, ...)
{DSA-1733-1}
- vim 2:7.2.010-1 (bug #506919)
[lenny] - vim 1:7.1.314-3+lenny1 (bug #506919)
+ [squeeze] - vim 1:7.1.314-3+lenny1 (bug #506919)
CVE-2008-3074 (The shellescape function in Vim 7.0 through 7.2, including
7.2a.10, ...)
{DSA-1733-1}
- vim 2:7.2.010-1 (bug #506919)
[lenny] - vim 1:7.1.314-3+lenny1 (bug #506919)
+ [squeeze] - vim 1:7.1.314-3+lenny1 (bug #506919)
CVE-2008-3073 (Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.x
before ...)
NOT-FOR-US: Simple Machines Forum
CVE-2008-3072 (Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before
...)