author | Moritz Muehlenhoff <jmm@debian.org> | 2009-07-25 13:34:25 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2009-07-25 13:34:25 +0000 |
commit | f7f96ec4a0ef62ee242c7faf0eb5f471c5b52595 (patch) | |
tree | 23030fae766d2f90ee39d07d70751c68f9d87ec4 | |
parent | 503df6414636e8cac4d927b3d70f75c5132079e3 (diff) |
- jetty fixed in experimental
- jetty CVEfied, remove dupe
- verlihub removed
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@12411 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/list.2008 | 8 |
-rw-r--r-- | data/CVE/list.2009 | 6 |
-rw-r--r-- | data/packages/removed-packages | 2 |
-rw-r--r-- | data/problematic-packages | 7 |
4 files changed, 6 insertions, 17 deletions
diff --git a/data/CVE/list.2008 b/data/CVE/list.2008 index 66d2c4d185..08c8c3b524 100644 --- a/data/CVE/list.2008 +++ b/data/CVE/list.2008 @@ -3756,13 +3756,9 @@ CVE-2008-5394 (/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably o {DSA-1709-1} - shadow 1:4.1.1-6 (bug #505271) CVE-2008-5706 (The cTrigger::DoIt function in src/ctrigger.cpp in the trigger ...) - - verlihub <unfixed> (low; bug #506530) - TODO: further investigation on this package is needed - NOTE: see http://asdfasdf.ethz.ch/~tar/lina/rats/verlihub.rats + - verlihub <removed> (low; bug #506530) CVE-2008-5705 (The cTrigger::DoIt function in src/ctrigger.cpp in the trigger ...) - - verlihub <unfixed> (low; bug #506530) - TODO: further investigation on this package is needed - NOTE: see http://asdfasdf.ethz.ch/~tar/lina/rats/verlihub.rats + - verlihub <removed> (low; bug #506530) CVE-2008-5189 (CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows ...) - rails 2.1.0-6 (low) CVE-2008-5188 (The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and ...) diff --git a/data/CVE/list.2009 b/data/CVE/list.2009 index fcaf611c7d..0fc6d021bf 100644 --- a/data/CVE/list.2009 +++ b/data/CVE/list.2009 @@ -2573,8 +2573,10 @@ CVE-2009-1525 (CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote .. NOT-FOR-US: Directadmin CVE-2009-1524 (Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before ...) - jetty <unfixed> (low; bug #527571) + NOTE: Fixed in experimental CVE-2009-1523 (Directory traversal vulnerability in the HTTP server in Mort Bay Jetty ...) - jetty <unfixed> (low; bug #528389) + NOTE: Fixed in experimental CVE-2009-1522 (The IBM Tivoli Storage Manager (TSM) client 5.5.0.0 through 5.5.1.17 ...) NOT-FOR-US: Tivoli CVE-2009-1521 (Unspecified vulnerability in the Java GUI in the IBM Tivoli Storage ...) 
@@ -2647,10 +2649,6 @@ CVE-2009-1496 (Directory traversal vulnerability in the Cmi Marketplace ...) NOT-FOR-US: com_cmimarketplace component for Joomla! CVE-2009-1495 (Web File Explorer 3.1 stores sensitive information under the web root ...) NOT-FOR-US: Web File Explorer -CVE-2009-XXXX [jetty: Vulnerability in ResourceHandler and DefaultServlet with aliases] - - jetty <unfixed> - NOTE: http://jira.codehaus.org/browse/JETTY-1004 - NOTE: It's not entirely clear, whether version 5 is affected CVE-2009-1494 (The process_stat function in Memcached 1.2.8 discloses ...) - memcached 1.2.8-1 (low; bug #526554) [lenny] - memcached <not-affected> (Affected compile-time options not set) diff --git a/data/packages/removed-packages b/data/packages/removed-packages index cf74620b0e..888dd9d1db 100644 --- a/data/packages/removed-packages +++ b/data/packages/removed-packages @@ -215,3 +215,5 @@ tomcat5 openssh-krb5 atmailopen phpicalendar +verlihub + diff --git a/data/problematic-packages b/data/problematic-packages index fea4ea58c1..fabc4f4997 100644 --- a/data/problematic-packages +++ b/data/problematic-packages @@ -26,10 +26,3 @@ Group maintained by Java Team, but no reply to RC security bug xpdf: (May 2009) No maintainer upload for two years, frequent security issues. Filed RC bug about maintenance status: #527840 - ----- - -verlihub: (May 2009) -No maintainer upload for one year, no reply to RC security bug -#506530 for six months as of 2009-05-21 -Requested removal from the archive: 529817 |
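Review bot: In data/CVE/list.2008, the two verlihub entries (CVE-2008-5706 and CVE-2008-5705) switch to <removed> and lose their TODO and NOTE lines, while the same patch deletes the verlihub section of data/problematic-packages, which held the only mention of removal request 529817. After this change no file says why the package left the archive with bug #506530 unanswered. Add a NOTE under both entries that references the removal request.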
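Review bot: In data/CVE/list.2009 (hunk at -2573), the added "NOTE: Fixed in experimental" under CVE-2009-1524 and CVE-2009-1523 names no version, and both entries stay at <unfixed>. Put the experimental version that carries the fix into the note, so whoever updates the entries after the upload to unstable knows which version replaces <unfixed>.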
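Review bot: In data/CVE/list.2009 (hunk at -2647), the removed CVE-2009-XXXX jetty placeholder takes both of its NOTE lines with it, and neither jetty entry touched elsewhere in this patch gains them. The commit message calls the placeholder a dupe without saying which CVE id now covers it. Name that id in the message, and carry "NOTE: http://jira.codehaus.org/browse/JETTY-1004" and the open question about version 5 over to that entry.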
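Review bot: In data/packages/removed-packages, the hunk adds an empty "+" line after "verlihub", which leaves a blank line at the end of the file. The neighbouring entries shown (tomcat5, openssh-krb5, atmailopen, phpicalendar) are one package name per line with nothing between them. Drop the blank line so the file stays in that form.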