Author: jmm-guest
Date: 2007-07-31 21:51:21 +0000 (Tue, 31 Jul 2007)
New Revision: 6205
Modified:
data/CVE/list
Log:
python no-dsa
trac non-issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-07-31 21:41:01 UTC (rev 6204)
+++ data/CVE/list 2007-07-31 21:51:21 UTC (rev 6205)
@@ -4674,6 +4674,7 @@
CVE-2007-2052 (Off-by-one error in the PyLocale_strxfrm function in ...)
- python2.4 2.4.4-3 (bug #416931; low)
- python2.5 <unfixed> (bug #416934; low)
+ [etch] - python2.5 <no-dsa> (Minor issue)
- python2.3 <unfixed> (low)
CVE-2007-2051 (Buffer overflow in the parsecmd function in bftpd before 1.8
has ...)
NOT-FOR-US: bftpd
@@ -6240,10 +6241,12 @@
NOT-FOR-US: Quick.Cart
CVE-2007-1406 (Trac before 0.10.3.1 does not send a Content-Disposition HTTP
header ...)
[etch] - trac 0.10.3-1etch1
- - trac <unfixed> (low; bug #414134; bug #420219)
+ - trac 0.10.4-1 (unimportant; bug #414134; bug #420219)
+ NOTE: Browser bug, only exploitable on IE, still fixed in a point
release
CVE-2007-1405 (Cross-site scripting (XSS) vulnerability in the "download
wiki page as ...)
[etch] - trac 0.10.3-1etch1
- - trac <unfixed> (low; bug #414134; bug #420219)
+ - trac 0.10.4-1 (unimportant; bug #414134; bug #420219)
+ NOTE: Browser bug, only exploitable on IE, still fixed in a point
release
CVE-2007-1404 (tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 allows
remote ...)
NOT-FOR-US: ProSysInfo TFTP Server
CVE-2007-1403 (Multiple stack-based buffer overflows in an ActiveX control in
...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
