[Secure-testing-commits] r7733 - data/CVE

Thu, 27 Dec 2007 03:30:46 -0800 

Author: stef-guest
Date: 2007-12-27 11:30:49 +0000 (Thu, 27 Dec 2007)
New Revision: 7733

Modified:
   data/CVE/list
Log:
pending apache fixes

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-12-27 10:17:38 UTC (rev 7732)
+++ data/CVE/list       2007-12-27 11:30:49 UTC (rev 7733)
@@ -4570,7 +4570,8 @@
        [etch] - apache <no-dsa> (minor issue)
        - apache2 <unfixed> (low)
        - apache <unfixed> (low)
-       NOTE: pending for 2.2.3-4+etch4 / etch r3
+       NOTE: pending for apache2 2.2.3-4+etch4 / etch r3
+       NOTE: pending for apache 1.3.34-4.1+etch1 / etch r3
 CVE-2007-4999 (libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML 
logging, ...)
        - pidgin 2.2.2-1 (medium)
 CVE-2007-4998
@@ -7232,6 +7233,8 @@
 CVE-2007-3847 (The date handling code in modules/proxy/proxy_util.c 
(mod_proxy) in ...)
        - apache2 2.2.6-1 (bug #441845; low)
        [etch] - apache2 2.2.3-4+etch3 (bug #441845; low)
+       - apache <removed> (unimportant)
+       NOTE: Apache 1.3 is non-threaded, therefore unimportant
 CVE-2007-3846 (Directory traversal vulnerability in Subversion before 1.4.5, 
as used ...)
        NOT-FOR-US: TortoiseSVN on Windows
 CVE-2007-3845 (Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 
2.x ...)
@@ -11968,10 +11971,10 @@
        - php5 5.2.2-1
 CVE-2007-1863 (cache_util.c in the mod_cache module in Apache HTTP Server 
(httpd), ...)
        - apache2 2.2.4-1 (low)
-       - apache <unfixed> (low)
+       - apache <removed> (unimportant)
        [sarge] - apache2 2.0.54-5sarge2
        [etch] - apache2 2.2.3-4+etch2
-       NOTE: vulnerable code in src/modules/proxy/proxy_cache.c starting in 
line 1132
+       NOTE: Apache 1.3 is non-threaded, therefore unimportant
 CVE-2007-1862 (The recall_headers function in mod_mem_cache in Apache 2.2.4 
does not ...)
        - apache2 <not-affected> (Only Apache 2.2.4 was affected, and all 
versions of 2.2.4 in Debian are fixed)
 CVE-2007-1861 (The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux 
Kernel ...)
@@ -13272,6 +13275,7 @@
 CVE-2007-1349 (PerlRun.pm in Apache mod_perl before 1.30, and 
RegistryCooker.pm in ...)
        - apache <removed> (low)
        - libapache2-mod-perl2 2.0.2-5 (low; bug #433549)
+       NOTE: pending for apache 1.3.34-4.1+etch1 / etch r3
 CVE-2007-1348
        RESERVED
 CVE-2007-1347 (Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 
FR, and ...)
@@ -19598,6 +19602,7 @@
        [sarge] - apache2 2.0.54-5sarge2
        [etch] - apache2 2.2.3-4+etch2
        - apache <removed> (low)
+       NOTE: pending for apache 1.3.34-4.1+etch1 / etch r3
 CVE-2006-5751 (Integer overflow in the get_fdb_entries function in ...)
        {DSA-1233}
        - linux-2.6 2.6.18-8 (medium)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to