Author: geissert Date: 2009-11-02 00:42:44 +0000 (Mon, 02 Nov 2009) New Revision: 13173 Modified: data/CVE/list Log: jetty and asterisk bugs filed, asterisk fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-11-01 23:52:27 UTC (rev 13172) +++ data/CVE/list 2009-11-02 00:42:44 UTC (rev 13173) @@ -130,7 +130,7 @@ CVE-2009-XXXX [multiple vulnerabilities in acidbase; XSS + possible sql injection] - acidbase <unfixed> (bug #552235) CVE-2009-XXXX [multiple vulnerabilities in jetty] - - jetty <unfixed> + - jetty <unfixed> (bug #553644) TODO: check NOTE: http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt CVE-2009-XXXX [cherokee 0.5.4 DoS] @@ -253,7 +253,7 @@ RESERVED [etch] - asterisk <not-affected> [lenny] - asterisk <not-affected> - - asterisk <unfixed> (medium) + - asterisk 1:1.6.2.0~rc3-2 (medium; bug #552756) NOTE: http://downloads.asterisk.org/pub/security/AST-2009-007.html CVE-2009-3722 (The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in ...) [etch] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1)