diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2010-02-07 21:19:46 +0000 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2010-02-07 21:19:46 +0000 |
| commit | 785bcf5890a74bc2e2fed53af6cd940c11389976 (patch) | |
| tree | c44e2a6250a2b091985853145d18c4c9780576b3 | |
| parent | 708a966e64fb3b8ccf6f240aacc061c0736992dd (diff) | |
limited support for acidbase as discussed with maintainer
(the current default configuration already applies a similar setup)
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@14055 e39458fd-73e7-0310-bf30-c45bca0a0e42
| -rw-r--r-- | data/CVE/2010.list | 4 | ||||
| -rw-r--r-- | data/package-tags | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/data/CVE/2010.list b/data/CVE/2010.list index 88d7d981b6..c727977070 100644 --- a/data/CVE/2010.list +++ b/data/CVE/2010.list @@ -177,10 +177,10 @@ CVE-2010-0468 (Cross-site scripting (XSS) vulnerability in utilities/longproc.cf CVE-2010-0467 (Directory traversal vulnerability in the ccNewsletter ...) TODO: check CVE-2010-XXXX [ocsinventory-server: multiple vulnerabilities] - - ocsinventory-server <undetermined> (medium) + - ocsinventory-server <unfixed> (unimportant) NOTE: http://www.openwall.com/lists/oss-security/2010/02/01/4 NOTE: claimed fixed in upstream 1.02.1 - TODO: check + NOTE: Authentication is needed, only supported in trusted environments, see debtags CVE-2010-XXXX [nautilus: file preview html script execution] - nautilus <not-affected> (proof-of-concept script is previewed as text, not executed) NOTE: http://seclists.org/fulldisclosure/2010/Feb/112 diff --git a/data/package-tags b/data/package-tags index 796190bd7d..2f33dfc4cb 100644 --- a/data/package-tags +++ b/data/package-tags @@ -40,3 +40,7 @@ [etch] wireshark <limited-support> (Not suitable for network monitoring / intrusion detection, DoS issues fixed with low priority through point updates) [lenny] wireshark <limited-support> (Not suitable for network monitoring / intrusion detection, DoS issues fixed with low priority through point updates) [squeeze] wireshark <limited-support> (Not suitable for network monitoring / intrusion detection, DoS issues fixed with low priority through point updates) + +[etch] acidbase <limited-support> (Only supported behind an authenticated HTTP zone for trusted users) +[lenny] acidbase <limited-support> (Only supported behind an authenticated HTTP zone for trusted users) +[squeeze] acidbase <limited-support> (Only supported behind an authenticated HTTP zone for trusted users) |