Author: geissert
Date: 2010-01-05 04:51:33 +0000 (Tue, 05 Jan 2010)
New Revision: 13717
Modified:
data/CVE/list
Log:
new sarg issues, expat todo done: regression fixed
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-01-05 01:17:29 UTC (rev 13716)
+++ data/CVE/list 2010-01-05 04:51:33 UTC (rev 13717)
@@ -202,8 +202,10 @@
- redmine <unfixed>
TODO: check
CVE-2008-7250 (Cross-site scripting (XSS) vulnerability in Squid Analysis
Report ...)
+ - sarg <unfixed>
TODO: check
CVE-2008-7249 (Buffer overflow in Squid Analysis Report Generator (Sarg)
2.2.3.1, and ...)
+ - sarg <unfixed>
TODO: check
CVE-2009-XXXX [sendmail ssl cert spoofing via NUL character]
- sendmail <unfixed>
@@ -2851,7 +2853,6 @@
CVE-2009-3560 (The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat
2.0.1, ...)
{DSA-1953-2 DSA-1953-1}
- expat 2.0.1-6 (low; bug #560901)
- TODO: reissue DSA due to regression in perl xml parser. see
http://mail.libexpat.org/pipermail/expat-discuss/2009-December/002644.html (new
patch not yet available).
- w3c-libwww <removed>
[etch] - w3c-libwww <no-dsa> (Minor issue, only used by fringe apps)
- python-xml <removed> (low; bug #560951)