Author: jmm-guest
Date: 2007-05-28 23:25:34 +0000 (Mon, 28 May 2007)
New Revision: 5945
Modified:
data/CVE/list
data/DSA/list
Log:
add otrs2 DSA
record fixed version for otrs2 in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-05-28 21:14:08 UTC (rev 5944)
+++ data/CVE/list 2007-05-28 23:25:34 UTC (rev 5945)
@@ -582,8 +582,8 @@
CVE-2007-2525 (Memory leak in the PPPoE socket implementation in the Linux
kernel ...)
- linux-2.6 <unfixed>
CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in OTRS
(Open ...)
- - otrs2 <unfixed> (bug #423524)
- [etch] - otrs2 2.0.4p01-17
+ - otrs2 2.1.1-1 (bug #423524)
+ NOTE: 2.1 and 2.2 are not affected, so recording earliest 2.1 version
as fix
CVE-2007-2523 (CA Anti-Virus for the Enterprise r8 and Threat Manager r8
before ...)
NOT-FOR-US: CA Anti-Virus
CVE-2007-2522 (Stack-based buffer overflow in the inoweb Console Server in CA
...)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2007-05-28 21:14:08 UTC (rev 5944)
+++ data/DSA/list 2007-05-28 23:25:34 UTC (rev 5945)
@@ -1,3 +1,6 @@
+[28 May 2007] DSA-1298-1 otrs2
+ {CVE-2007-2524}
+ [etch] - otrs2 2.0.4p01-17
[24 May 2007] DSA-1297-1 gforge-plugin-scmcvs
{CVE-2007-0246}
[etch] - gforge-plugin-scmcvs 4.5.14-5etch1
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
