diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2010-02-07 21:19:46 +0000 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2010-02-07 21:19:46 +0000 |
| commit | f456cd8d60b2dd3a8f4a7251de3a8de651ddea90 (patch) | |
| tree | 0d2bd290f0f5254e4477832bb6b8df2de46074d0 | |
| parent | 423a217b7fcd00563314c184ce144273eea3d7d1 (diff) | |
limited support for acidbase as discussed with maintainer
(the current default configuration already applies a similar setup)
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@14055 e39458fd-73e7-0310-bf30-c45bca0a0e42
| -rw-r--r-- | data/CVE/list | 4 | ||||
| -rw-r--r-- | data/package-tags | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list index 6e600976e1..098038de56 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -177,10 +177,10 @@ CVE-2010-0468 (Cross-site scripting (XSS) vulnerability in utilities/longproc.cf CVE-2010-0467 (Directory traversal vulnerability in the ccNewsletter ...) TODO: check CVE-2010-XXXX [ocsinventory-server: multiple vulnerabilities] - - ocsinventory-server <undetermined> (medium) + - ocsinventory-server <unfixed> (unimportant) NOTE: http://www.openwall.com/lists/oss-security/2010/02/01/4 NOTE: claimed fixed in upstream 1.02.1 - TODO: check + NOTE: Authentication is needed, only supported in trusted environments, see debtags CVE-2010-XXXX [nautilus: file preview html script execution] - nautilus <not-affected> (proof-of-concept script is previewed as text, not executed) NOTE: http://seclists.org/fulldisclosure/2010/Feb/112 diff --git a/data/package-tags b/data/package-tags index 796190bd7d..2f33dfc4cb 100644 --- a/data/package-tags +++ b/data/package-tags @@ -40,3 +40,7 @@ [etch] wireshark <limited-support> (Not suitable for network monitoring / intrusion detection, DoS issues fixed with low priority through point updates) [lenny] wireshark <limited-support> (Not suitable for network monitoring / intrusion detection, DoS issues fixed with low priority through point updates) [squeeze] wireshark <limited-support> (Not suitable for network monitoring / intrusion detection, DoS issues fixed with low priority through point updates) + +[etch] acidbase <limited-support> (Only supported behind an authenticated HTTP zone for trusted users) +[lenny] acidbase <limited-support> (Only supported behind an authenticated HTTP zone for trusted users) +[squeeze] acidbase <limited-support> (Only supported behind an authenticated HTTP zone for trusted users) |