Candidate: CVE-2010-2234
PublicDate: 2010-08-19 22:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2234
Description:
 Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0
 through 0.11.0 allows remote attackers to hijack the authentication of
 administrators for direct requests to an installation URL.
Ubuntu-Description:
Notes:
 jdstrand> backport is regression prone
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=624764
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570013
Priority: low
Discovered-by:
Assigned-to: 
CVSS: 

Patches_couchdb:
 upstream: http://svn.apache.org/viewvc?view=revision&revision=957969
upstream_couchdb: released (0.11.2)
dapper_couchdb: DNE
hardy_couchdb: DNE
jaunty_couchdb: ignored (reached end-of-life)
karmic_couchdb: ignored (reached end-of-life)
lucid_couchdb: ignored
maverick_couchdb: not-affected (1.0.1-0ubuntu1)
natty_couchdb: not-affected (1.0.1-0ubuntu1)
oneiric_couchdb: not-affected (1.0.1-0ubuntu1)
precise_couchdb: not-affected (1.0.1-0ubuntu1)
quantal_couchdb: not-affected (1.0.1-0ubuntu1)
devel_couchdb: not-affected (1.0.1-0ubuntu1)