Author: geissert Date: 2009-11-20 18:02:17 +0000 (Fri, 20 Nov 2009) New Revision: 13329
Modified: data/CVE/list data/DSA/list Log: one new nginx issue, another one CVEified Modified: data/CVE/list =================================================================== --- data/CVE/list 2009-11-20 17:50:07 UTC (rev 13328) +++ data/CVE/list 2009-11-20 18:02:17 UTC (rev 13329) @@ -1,3 +1,7 @@ +CVE-2009-XXXX [ngingx webdav directory traversal] + - nginx <unfixed> (low) + TODO: check + NOTE: http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0379.html CVE-2009-XXXX [dovecot 0777 base_dir creation] - dovecot <unfixed> (medium) NOTE: http://www.dovecot.org/list/dovecot-news/2009-November/000143.html Modified: data/DSA/list =================================================================== --- data/DSA/list 2009-11-20 17:50:07 UTC (rev 13328) +++ data/DSA/list 2009-11-20 18:02:17 UTC (rev 13329) @@ -55,6 +55,7 @@ [etch] - expat 1.95.8-3.4+etch1 [lenny] - expat 2.0.1-4+lenny1 [26 Oct 2009] DSA-1920-1 nginx - denial of service + {CVE-2009-3896} [etch] - nginx 0.4.13-2+etch3 [lenny] - nginx 0.6.32-3+lenny3 [25 Oct 2009] DSA-1919-1 smarty - several vulnerabilities _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
