Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 300201 (CVE-2009-4405) - <www-apps/trac-0.11.6 ? (CVE-2009-4405)
Summary: <www-apps/trac-0.11.6 ? (CVE-2009-4405)
Status: RESOLVED FIXED
Alias: CVE-2009-4405
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
URL: http://trac.edgewall.org/browser/tags...
Whiteboard: B4 [noglsa]
Keywords:
Depends on: 298904
Blocks:
  Show dependency tree
 
Reported: 2010-01-08 17:28 UTC by Alex Legler (RETIRED)
Modified: 2010-04-10 09:49 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester gentoo-dev Security 2010-01-08 17:28:31 UTC 
CVE-2009-4405 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4405):
  Multiple unspecified vulnerabilities in Trac before 0.11.6 have
  unknown impact and attack vectors, possibly related to (1) "policy
  checks in report results when using alternate formats" or (2) a
  "check for the 'raw' role that is missing in docutils < 0.6."
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-01-08 17:47:20 UTC 
Stabilization via #298904
Comment 2 Dirkjan Ochtman (RETIRED) gentoo-dev 2010-04-09 11:15:42 UTC 
All arches stable.
Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2010-04-09 15:55:06 UTC 
Vote: no
Comment 4 Tobias Heinlein (RETIRED) gentoo-dev 2010-04-10 09:49:20 UTC 
NO too, closing noglsa.