Author: derevko-guest
Date: 2010-02-12 21:18:31 +0000 (Fri, 12 Feb 2010)
New Revision: 14086
Modified:
data/CVE/list
Log:
mysql triage
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-02-12 21:14:28 UTC (rev 14085)
+++ data/CVE/list 2010-02-12 21:18:31 UTC (rev 14086)
@@ -2909,9 +2909,8 @@
CVE-2009-4074 (The XSS Filter in Microsoft Internet Explorer 8 allows remote
...)
NOT-FOR-US: Microsoft Internet Explorer 8
CVE-2008-7247 (sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through
5.1.41, ...)
- - mysql-dfsg-5.1 <unfixed>
- - mysql-dfsg-5.0 <removed>
- TODO: check
+ - mysql-dfsg-5.1 <unfixed> (low; bug #569484)
+ - mysql-dfsg-5.0 <not-affected> (Vulnerable code not present)
CVE-2009-4214 (Cross-site scripting (XSS) vulnerability in the strip_tags
function in ...)
- rails 2.2.3-2 (low; bug #558685)
NOTE:
http://groups.google.com/group/rubyonrails-security/browse_thread/thread/4d4f71f2aef4c0ab?pli=1
@@ -3053,9 +3052,9 @@
NOTE: spu will be released to avoid spreading the bug even further
NOTE: http://lists.gnu.org/archive/html/automake/2009-12/msg00012.html
CVE-2009-4028 (The vio_verify_callback function in viosslfactories.c in MySQL
5.0.x ...)
- - mysql-dfsg-5.1 5.1.41-1
- - mysql-dfsg-5.0 <removed>
- TODO: check
+ - mysql-dfsg-5.1 <not-affected> (Vulnerable code not present)
+ - mysql-dfsg-5.0 <not-affected> (Vulnerable code not present)
+ NOTE: built with --without-openssl
CVE-2009-4027 (Race condition in the mac80211 subsystem in the Linux kernel
before ...)
{DTSA-204-1}
- linux-2.6 2.6.32-1 (medium)