[Secure-testing-commits] r13078 - data/CVE

Michael Gilbert Fri, 23 Oct 2009 09:11:33 -0700

Author: gilbert-guest
Date: 2009-10-23 16:10:30 +0000 (Fri, 23 Oct 2009)
New Revision: 13078


Modified:
   data/CVE/list
Log:
mahara maintainer sent an email stating that versions <1.1 are not affected by 
cve-2009-2171

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-10-23 15:58:44 UTC (rev 13077)
+++ data/CVE/list       2009-10-23 16:10:30 UTC (rev 13078)
@@ -4943,7 +4943,7 @@
        - mahara 1.1.5-1 (low)
 CVE-2009-2171 (Mahara 1.1 before 1.1.5 does not apply permission checks when 
saving a ...)
        - mahara 1.1.5-1 (low)
-       [lenny] - mahara <no-dsa> (Minor issue)
+       [lenny] - mahara <not-affected> (vulnerable code introduced in 1.1)
 CVE-2009-2120 (Multiple SQL injection vulnerabilities in TekBase All-in-One 
3.1 allow ...)
        NOT-FOR-US: TekBase
 CVE-2009-2119 (Cross-site scripting (XSS) vulnerability in the login interface 
...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r13078 - data/CVE

Reply via email to