bacula fixed

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@42214 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Moritz Muehlenhoff <jmm@debian.org> 2016-06-01 10:20:49 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2016-06-01 10:20:49 +0000
commit: 7e8c403ba3decf1f86bd619dc1e041459c8ab806 (patch)
tree: de295019f58c76c1ac814e4f84d989d6c9b72b49 /data/CVE/2007.list
parent: 8dc0cdcded383b094792ced3a8fe517cb18e4f53 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index 1a92aca241..9f58968679 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -2710,10 +2710,11 @@ CVE-2007-5628 (PHP remote file inclusion vulnerability in src/scripture.php in T
 CVE-2007-5627 (PHP remote file inclusion vulnerability in content/fnc-readmail3.php ...)
 	NOT-FOR-US: Socketmail
 CVE-2007-5626 (make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a ...)
-	- bacula <unfixed> (unimportant; bug #446809)
+	- bacula 5.0.0-1 (unimportant; bug #446809)
 	NOTE: this script needs the default database password and name needs to be set which
 	NOTE: would be a bigger problem in a non-trusted environment. Apart from
 	NOTE: this is documented in the bacula documentation
+	NOTE: Since bacula 5.0.0 "make_catalog_backup.pl" is used by default, which is not affected
 CVE-2007-5625 (Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site ...)
 	NOT-FOR-US: Site Search SearchSimon Lite
 CVE-2007-5624 (Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 ...)
author	Moritz Muehlenhoff <jmm@debian.org>	2016-06-01 10:20:49 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2016-06-01 10:20:49 +0000
commit	7e8c403ba3decf1f86bd619dc1e041459c8ab806 (patch)
tree	de295019f58c76c1ac814e4f84d989d6c9b72b49 /data/CVE/2007.list
parent	8dc0cdcded383b094792ced3a8fe517cb18e4f53 (diff)