Author: fw Date: 2010-02-15 20:58:50 +0000 (Mon, 15 Feb 2010) New Revision: 14102 Modified: data/CVE/list Log: CouchDB design problem Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-02-14 21:15:27 UTC (rev 14101) +++ data/CVE/list 2010-02-15 20:58:50 UTC (rev 14102) @@ -1,3 +1,8 @@ +CVE-2010-XXXX [CouchDB: browser interface has XSS, CSRF issues] + - couchdb <unfixed> (bug #570013) + [lenny] - couchdb <no-dsa> (does not support authentication at all) + NOTE: http://mail-archives.apache.org/mod_mbox/couchdb-dev/201002.mbox/%3C87bpfz5t39.fsf at mid.deneb.enyo.de%3E + NOTE: http://www.openwall.com/lists/oss-security/2010/02/15/5 CVE-2010-0637 TODO: check, webcalendar is in the archive CVE-2010-0636