Author: fw
Date: 2009-10-11 18:17:20 +0000 (Sun, 11 Oct 2009)
New Revision: 12992
Modified:
data/CVE/list
Log:
CVE-2009-3474, CVE-2009-3475, CVE-2009-3476: fixed versions
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-10-11 18:08:09 UTC (rev 12991)
+++ data/CVE/list 2009-10-11 18:17:20 UTC (rev 12992)
@@ -249,23 +249,23 @@
{DSA-1895-2 DSA-1896-1 DSA-1895-1}
- xmltooling 1.2.2-1
- opensaml <removed>
- - opensaml2 <unfixed>
+ - opensaml2 2.2.1-1
- shibboleth-sp <removed>
- - shibboleth-sp2 <unfixed>
+ - shibboleth-sp2 2.2.1+dfsg-1
CVE-2009-3475 (Internet2 Shibboleth Service Provider software 1.3.x before
1.3.3 and ...)
{DSA-1895-2 DSA-1896-1 DSA-1895-1}
- xmltooling 1.2.2-1
- opensaml <removed>
- - opensaml2 <unfixed>
+ - opensaml2 2.2.1-1
- shibboleth-sp <removed>
- - shibboleth-sp2 <unfixed>
+ - shibboleth-sp2 2.2.1+dfsg-1
CVE-2009-3474 (OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as
used by ...)
{DSA-1895-2 DSA-1896-1 DSA-1895-1}
- xmltooling 1.2.2-1
- opensaml <removed>
- - opensaml2 <unfixed>
+ - opensaml2 2.2.1-1
- shibboleth-sp <removed>
- - shibboleth-sp2 <unfixed>
+ - shibboleth-sp2 2.2.1+dfsg-1
[lenny] - opensaml <no-dsa> (Minor issue)
TODO: next point update: [lenny] - opensaml 2.0-2+lenny1
CVE-2009-3473 (IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER
privilege ...)