Author: white Date: 2010-03-27 05:06:28 +0000 (Sat, 27 Mar 2010) New Revision: 14332 Modified: data/CVE/list Log: curl fixed in sid/testing, vulnerable in stable Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-03-27 04:31:20 UTC (rev 14331) +++ data/CVE/list 2010-03-27 05:06:28 UTC (rev 14332) @@ -1064,10 +1064,9 @@ CVE-2010-0735 REJECTED CVE-2010-0734 (content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is ...) - - curl <undetermined> - NOTE: only affected when automatic decompression set, which is off by default upstream + - curl 7.20.0-1 (low) NOTE: http://www.openwall.com/lists/oss-security/2010/03/16/11 - TODO: check + NOTE: depends on the application that uses libcurl CVE-2010-0733 (Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL ...) - postgresql-7.4 <undetermined> - postgresql-8.1 <undetermined>