Re: [Secure-testing-commits] r9475 - data/CVE
Steffen Joeris wrote:
> On Thu, 31 Jul 2008 06:10:43 pm thomasbl-guest@alioth.debian.org wrote:
> > Author: thomasbl-guest
> > Date: 2008-07-31 08:10:42 +0000 (Thu, 31 Jul 2008)
> > New Revision: 9475
> >
> > Modified:
> > data/CVE/list
> > Log:
> > CVE-2008-3312 done
> >
> >
> >
> > Modified: data/CVE/list
> > ===================================================================
> > --- data/CVE/list 2008-07-31 06:46:05 UTC (rev 9474)
> > +++ data/CVE/list 2008-07-31 08:10:42 UTC (rev 9475)
> > @@ -83,7 +83,7 @@
> > CVE-2008-3313 (Multiple PHP remote file inclusion vulnerabilities in
> > CreaCMS 1.0 ...) NOT-FOR-US: CreaCMS
> > CVE-2008-3312 (Directory traversal vulnerability in ...)
> > - TODO: check FCKeditor code and versions
> > + - fckeditor <not-affected> (Vulnerable code not present)
> Does that mean all the various applications that include fckeditor code (and
> also older versions of this code) are not affected as well?
It also misses a NOTE or a bug reference indicating why Debian should
not be affected.
Cheers,
Moritz
Reply to: