Author: derevko-guest Date: 2010-04-14 08:17:40 +0000 (Wed, 14 Apr 2010) New Revision: 14476 Modified: data/CVE/list Log: - CVE-2010-1277 and CVE-2010-0743 fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-04-13 23:26:46 UTC (rev 14475) +++ data/CVE/list 2010-04-14 08:17:40 UTC (rev 14476) @@ -159,7 +159,10 @@ CVE-2010-1278 RESERVED CVE-2010-1277 (SQL injection vulnerability in the user.authenticate method in the API ...) - - zabbix <unfixed> (bug #577058) + - zabbix 1:1.8.2-1 (bug #577058) + [lenny] - zabbix <not-affected> (vulnerable code not present) + [etch] - zabbix <not-affected> (vulnerable code not present) + NOTE: This is a bug that was introduced with the Zabbix 1.8 API CVE-2010-1276 (Multiple cross-site scripting (XSS) vulnerabilities in BBSXP 2008 SP2 ...) NOT-FOR-US: BBSXP CVE-2010-1275 (Cross-site scripting (XSS) vulnerability in ShowPost.asp in BBSXP 2008 ...) @@ -1726,7 +1729,7 @@ [lenny] - amsn <no-dsa> (Minor issue) NOTE: http://www.juniper.net/security/auto/vulnerabilities/vuln35507.html CVE-2010-0743 (Multiple format string vulnerabilities in isns.c in (1) Linux SCSI ...) - - iscsitarget <unfixed> (medium; bug #574935) + - iscsitarget 1:1.0.3-2 (medium; bug #574935) - tgt 1:1.0.3-2 (medium; bug #576086) CVE-2010-0742 RESERVED