diff options
| author | Stefan Fritsch <sf@debian.org> | 2009-06-06 08:39:34 +0000 |
|---|---|---|
| committer | Stefan Fritsch <sf@debian.org> | 2009-06-06 08:39:34 +0000 |
| commit | 79cbbe4d5e5992ab27fa0c75f6b720807046afa4 (patch) | |
| tree | c59d03dcef5ec4b5bc280bcd436e6d90df8482d9 /data | |
| parent | a5ad973514b53f467cf2cd7c2e261fd06986db85 (diff) | |
bugzilla bug references
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@12056 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 12 | ||||
| -rw-r--r-- | data/problematic-packages | 5 |
2 files changed, 11 insertions, 6 deletions
diff --git a/data/CVE/list b/data/CVE/list index 3209e8e8dc..77af2d2e62 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -2247,7 +2247,7 @@ CVE-2009-1214 (GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file - screen 4.0.3-13 (unimportant; bug #521123) NOTE: documented behaviour "or the public accessible screen-exchange", see man screen CVE-2009-1213 (Cross-site request forgery (CSRF) vulnerability in attachment.cgi in ...) - - bugzilla <unfixed> (low) + - bugzilla <unfixed> (low; bug #514143) [etch] - bugzilla <no-dsa> (Minor issue) [lenny] - bugzilla <no-dsa> (Minor issue) NOTE: should this really be considered minor? see fedora bug and FSA: @@ -5045,23 +5045,23 @@ CVE-2009-0486 (Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, ca [etch] - bugzilla <not-affected> (Versions before 3.2.1, 3.0.7, and 3.3.2 were not affected) [lenny] - bugzilla <not-affected> (Versions before 3.2.1, 3.0.7, and 3.3.2 were not affected) CVE-2009-0485 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to ...) - - bugzilla <unfixed> (low) + - bugzilla <unfixed> (low; bug #514143) [etch] - bugzilla <no-dsa> (Minor issue) [lenny] - bugzilla <no-dsa> (Minor issue) CVE-2009-0484 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before ...) - - bugzilla <unfixed> (low) + - bugzilla <unfixed> (low; bug #514143) [etch] - bugzilla <no-dsa> (Minor issue) [lenny] - bugzilla <no-dsa> (Minor issue) CVE-2009-0483 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 ...) - - bugzilla <unfixed> (low) + - bugzilla <unfixed> (low; bug #514143) [etch] - bugzilla <no-dsa> (Minor issue) [lenny] - bugzilla <no-dsa> (Minor issue) CVE-2009-0482 (Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 ...) - - bugzilla <unfixed> (low) + - bugzilla <unfixed> (low; bug #514143) [etch] - bugzilla <no-dsa> (Minor issue) [lenny] - bugzilla <no-dsa> (Minor issue) CVE-2009-0481 (Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and ...) - - bugzilla <unfixed> (low) + - bugzilla <unfixed> (low; bug #514143) [etch] - bugzilla <no-dsa> (Minor issue) [lenny] - bugzilla <no-dsa> (Minor issue) CVE-2009-0480 (The IP implementation in Sun Solaris 8 through 10, and OpenSolaris ...) diff --git a/data/problematic-packages b/data/problematic-packages index 46d52bc06c..fea4ea58c1 100644 --- a/data/problematic-packages +++ b/data/problematic-packages @@ -6,6 +6,11 @@ they find a new maintainer or get removed from the archive: ---- +bugzilla: (June 2009) +No reply to security bugs #514143 in unstable in 4 months. + +---- + jasper (June 2009) A security fix was dropped in a later upload, no followup on the respective bug for three weeks as of 2009-06-02. |