Author: white Date: 2009-12-06 07:19:50 +0000 (Sun, 06 Dec 2009) New Revision: 13460 Modified: data/CVE/list Log: merkaartor CVEified Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-12-06 07:15:38 UTC (rev 13459) +++ data/CVE/list 2009-12-06 07:19:50 UTC (rev 13460) @@ -6,8 +6,6 @@ NOT-FOR-US: Adobe Illustrator CVE-2009-4194 (Directory traversal vulnerability in Golden FTP Server 4.30 Free and ...) NOT-FOR-US: Golden FTP -CVE-2009-4193 (Merkaartor 0.14 allows local users to append data to arbitrary files ...) - TODO: check CVE-2009-4192 (Directory traversal vulnerability in dialog/file_manager.php in ...) NOT-FOR-US: Interspire Knowledge Manager CVE-2009-4191 (Unspecified vulnerability in the kernel in Sun Solaris 10 and ...) @@ -2023,8 +2021,8 @@ NOT-FOR-US: Oracle E-Business Suite CVE-2009-3392 (Unspecified vulnerability in the Agile Engineering Data Management ...) NOT-FOR-US: Oracle E-Business Suite -CVE-2009-XXXX [merkaartor merkaartor.log minor symlink attack] - - merkaartor 0.14+svnfixes~20090912-2 (unimportant; bug #548546) +CVE-2009-4193 [merkaartor merkaartor.log minor symlink attack] + - merkaartor 0.14+svnfixes~20090912-2 (low; bug #548546) [lenny] - merkaartor <not-affected> (vulnerable code not present) NOTE: does not run as root so minor issue. CVE-2009-XXXX [amsn SSL verification vuln]