Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 300201 (CVE-2009-4405)

Summary: <www-apps/trac-0.11.6 ? (CVE-2009-4405)
Product: Gentoo Security Reporter: Alex Legler (RETIRED) <a3li>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: web-apps
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://trac.edgewall.org/browser/tags/trac-0.11.6/RELEASE
Whiteboard: B4 [noglsa]
Package list:
Runtime testing required: ---
Bug Depends on: 298904    
Bug Blocks:    

Description Alex Legler (RETIRED) archtester gentoo-dev Security 2010-01-08 17:28:31 UTC 
CVE-2009-4405 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4405):
  Multiple unspecified vulnerabilities in Trac before 0.11.6 have
  unknown impact and attack vectors, possibly related to (1) "policy
  checks in report results when using alternate formats" or (2) a
  "check for the 'raw' role that is missing in docutils < 0.6."
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-01-08 17:47:20 UTC 
Stabilization via #298904
Comment 2 Dirkjan Ochtman (RETIRED) gentoo-dev 2010-04-09 11:15:42 UTC 
All arches stable.
Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2010-04-09 15:55:06 UTC 
Vote: no
Comment 4 Tobias Heinlein (RETIRED) gentoo-dev 2010-04-10 09:49:20 UTC 
NO too, closing noglsa.