Author: pabs Date: 2012-01-28 07:33:04 +0000 (Sat, 28 Jan 2012) New Revision: 18319 Modified: data/CVE/list Log: A couple of curl issues fixed in sid/testing Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-01-27 22:08:47 UTC (rev 18318) +++ data/CVE/list 2012-01-28 07:33:04 UTC (rev 18319) @@ -2858,8 +2858,9 @@ - linux-2.6 <unfixed> CVE-2012-0037 RESERVED -CVE-2012-0036 +CVE-2012-0036 (URL sanitization vulnerability) RESERVED + - curl 7.24.0-1 CVE-2012-0035 (Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as ...) - cedet <unfixed> (low; bug #655299) - emacs23 <unfixed> (low; bug #655300) @@ -6864,6 +6865,7 @@ - chromium-browser <unfixed> - webkit <unfixed> NOTE: strictly speaking this is no lighttpd issue, but lighttpd adds a workaround + - curl 7.24.0-1 CVE-2011-3388 (Opera before 11.51 allows remote attackers to cause an insecure site ...) NOT-FOR-US: Opera CVE-2011-3387 (The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote ...)