Author: nion
Date: 2009-08-12 15:02:50 +0000 (Wed, 12 Aug 2009)
New Revision: 12576
Modified:
data/CVE/list
data/DSA/list
Log:
cveified roundup privilege escalation
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-08-12 14:18:39 UTC (rev 12575)
+++ data/CVE/list 2009-08-12 15:02:50 UTC (rev 12576)
@@ -1,5 +1,5 @@
CVE-2009-2737 (The EditCSVAction function in cgi/actions.py in Roundup 1.2
before ...)
- TODO: check
+ - roundup 1.4.4-4+lenny1 (bug #518768)
CVE-2009-2736 (Static code injection vulnerability in admin.php in sun-jester
...)
TODO: check
CVE-2009-2735 (SQL injection vulnerability in admin.php in sun-jester OpenNews
1.0, ...)
@@ -4429,10 +4429,6 @@
NOT-FOR-US: Simple Machines Forum
CVE-2007-6725 (The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and
possibly ...)
- ghostscript 8.63.dfsg.1-1 (medium; bug #524803)
-CVE-2009-XXXX [roundup: insufficient access checks in web frontend]
- - roundup 1.4.4-4+lenny1 (bug #518768)
- [etch] - roundup 1.2.1-10+etch1
- [lenny] - roundup 1.4.4-4+lenny1
CVE-2008-6680 (libclamav/pe.c in ClamAV before 0.95 allows remote attackers to
cause ...)
{DSA-1771-1}
- clamav 0.95.1+dfsg-1 (medium; bug #523016)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2009-08-12 14:18:39 UTC (rev 12575)
+++ data/DSA/list 2009-08-12 15:02:50 UTC (rev 12576)
@@ -343,6 +343,7 @@
[etch] - openafs 1.4.2-6etch2
[lenny] - openafs 1.4.7.dfsg1-6+lenny1
[09 Apr 2009] DSA-1754-1 roundup - privilege escalation
+ {CVE-2009-2737}
[etch] - roundup 1.2.1-10+etch1
[lenny] - roundup 1.4.4-4+lenny1
[09 Apr 2009] DSA-1767-1 multipath-tools - denial of service