From f8c70ac50cd167ba1e69bf596d4cb2340f707664 Mon Sep 17 00:00:00 2001 From: Emilio Pozuelo Monfort Date: Tue, 1 Dec 2020 10:40:45 +0100 Subject: CVE/list: fix whitespace inconsistencies --- data/CVE/2009.list | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'data/CVE/2009.list') diff --git a/data/CVE/2009.list b/data/CVE/2009.list index 572a620f65..8046bf96c9 100644 --- a/data/CVE/2009.list +++ b/data/CVE/2009.list @@ -2688,12 +2688,12 @@ CVE-2009-4024 (Argument injection vulnerability in the ping function in Ping.php CVE-2009-4111 (Argument injection vulnerability in Mail/sendmail.php in the Mail pack ...) {DSA-1938-1} - php-mail 1.1.14-2 (medium; bug #557121) - [lenny] - php-mail 1.1.14-1+lenny1 + [lenny] - php-mail 1.1.14-1+lenny1 [etch] - php-mail 1.1.6-2+etch1 CVE-2009-4023 (Argument injection vulnerability in the sendmail implementation of the ...) {DSA-1938-1} - php-mail 1.1.14-2 (medium; bug #557121) - [lenny] - php-mail 1.1.14-1+lenny1 + [lenny] - php-mail 1.1.14-1+lenny1 [etch] - php-mail 1.1.6-2+etch1 CVE-2009-4022 (Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before ...) {DSA-1961-1} @@ -4251,7 +4251,7 @@ CVE-2009-3547 (Multiple race conditions in fs/pipe.c in the Linux kernel before - linux-2.6.24 (high) CVE-2009-3546 (The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5. ...) {DSA-1936-1} - - libwmf (unimportant) + - libwmf (unimportant) - racket 5.0.2-1 (unimportant; bug #601525) NOTE: Only present in one of the sample pl-scheme packages (plot) - libgd2 2.0.36~rc1~dfsg-3.1 (medium; bug #552534) @@ -4857,7 +4857,7 @@ CVE-2009-3305 (Polipo 1.0.4, and possibly other versions, allows remote attacker [lenny] - polipo (Minor issue) CVE-2009-3304 (GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbi ...) {DSA-1945-1} - - gforge 4.8.2-1 + - gforge 4.8.2-1 CVE-2009-3303 (Cross-site scripting (XSS) vulnerability in www/help/tracker.php in GF ...) {DSA-1937-1} - gforge 4.8.1-3 (low) @@ -11544,7 +11544,7 @@ CVE-2009-0800 (Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3. [lenny] - poppler 0.8.7-2 - xpdf 3.02-1.4+lenny1 (medium; bug #524809) [squeeze] - xpdf 3.02-1.4+lenny1 - - kdegraphics 4:4.0 (medium; bug #524810) + - kdegraphics 4:4.0 (medium; bug #524810) - swftools 0.9.2+ds1-2 CVE-2009-0799 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...) {DSA-1793-1 DSA-1790-1} @@ -12013,9 +12013,9 @@ CVE-2009-XXXX [sysvinit: no-root option in expert installer exposes locally expl NOTE: hardly a security issue, if an attacker has local access to the machine and you NOTE: don't use encryption or something similar you have lost anyway NOTE: - this ^ philosophy is flawed; it should not be trivial to get root just because you - NOTE: have local access to the machine. it is worth it to make it as difficult as - NOTE: possible without impacting authorized users. otherwise, why spend so much effort - NOTE: to make sure xscreensaver, gdm, and login are rock solid? + NOTE: have local access to the machine. it is worth it to make it as difficult as + NOTE: possible without impacting authorized users. otherwise, why spend so much effort + NOTE: to make sure xscreensaver, gdm, and login are rock solid? NOTE: - i would like to track as low, rather than unimportant CVE-2009-0753 (Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 ...) {DSA-1739-1} -- cgit v1.2.3