Author: nion
Date: 2009-12-02 09:33:58 +0000 (Wed, 02 Dec 2009)
New Revision: 13422
Modified:
data/CVE/list
Log:
CVE-2009-1383,CVE-2009-246{0,1} fixed in mathtex 1.03-1
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-12-02 09:14:46 UTC (rev 13421)
+++ data/CVE/list 2009-12-02 09:33:58 UTC (rev 13422)
@@ -5214,9 +5214,9 @@
CVE-2009-2480 (Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six
Apart ...)
NOT-FOR-US: Six Apart Movable Type
CVE-2009-2461 (mathtex.cgi in mathTeX, when downloaded before 20090713, does
not ...)
- - mathtex <unfixed> (low; bug #537253)
+ - mathtex 1.03-1 (low; bug #537253)
CVE-2009-2460 (Multiple stack-based buffer overflows in mathtex.cgi in mathTeX,
when ...)
- - mathtex <unfixed> (medium; bug #537253)
+ - mathtex 1.03-1 (medium; bug #537253)
NOTE: severity set to medium as this is used in several web applications for
conversions
CVE-2009-2459 (Multiple unspecified vulnerabilities in mimeTeX, when downloaded
...)
{DSA-1917-1}
@@ -8179,7 +8179,7 @@
CVE-2009-1384 (pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise
Linux ...)
NOT-FOR-US: Different code base than Debian''s libpam-krb5
CVE-2009-1383 (The getdirective function in mathtex.cgi in mathTeX, when
downloaded ...)
- - mathtex <unfixed> (medium; bug #537258)
+ - mathtex 1.03-1 (medium; bug #537258)
CVE-2009-1382 (Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX,
when ...)
{DSA-1917-1}
- mimetex 1.50-1.1 (medium; bug #537254)