jmm-guest at alioth.debian.org
2008-Mar-17 17:02 UTC
[Secure-testing-commits] r8355 - data/CVE
Author: jmm-guest Date: 2008-03-17 17:02:44 +0000 (Mon, 17 Mar 2008) New Revision: 8355 Modified: data/CVE/list Log: - kfreebsd not supported yet - three latest wireshark issues don''t affect stable or etch - moin temp issue CVEfied some weeks ago Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-03-17 16:48:19 UTC (rev 8354) +++ data/CVE/list 2008-03-17 17:02:44 UTC (rev 8355) @@ -292,14 +292,17 @@ NOTE: rare and unwise. low priority. CVE-2008-1148 (A certain pseudo-random number generator (PRNG) algorithm that uses ...) - kfreebsd-5 <removed> + [etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported) - kfreebsd-6 <unfixed> - kfreebsd-7 <unfixed> CVE-2008-1147 (A certain pseudo-random number generator (PRNG) algorithm that uses ...) - kfreebsd-5 <removed> + [etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported) - kfreebsd-6 <unfixed> - kfreebsd-7 <unfixed> CVE-2008-1146 (A certain pseudo-random number generator (PRNG) algorithm that uses ...) - kfreebsd-5 <removed> + [etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported) - kfreebsd-6 <unfixed> - kfreebsd-7 <unfixed> CVE-2008-1144 @@ -499,10 +502,16 @@ NOT-FOR-US: Internet Security Systems CVE-2008-1072 (The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through ...) - wireshark 0.99.8-1 (low; bug #469488) + [etch] - wireshark <not-affected> (Only affected in conjunction with later libcairo) + [sarge] - ethereal <not-affected> (Only affected in conjunction with later libcairo) CVE-2008-1071 (The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through ...) - wireshark 0.99.8-1 (low; bug #469488) + [etch] - wireshark <not-affected> (Only affects 0.99.6 onwards) + [sarge] - ethereal <not-affected> (Only affects 0.99.6 onwards) CVE-2008-1070 (The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through ...) - wireshark 0.99.8-1 (low; bug #469488) + [etch] - wireshark <not-affected> (Only affects 0.99.5 onwards) + [sarge] - ethereal <not-affected> (Only affects 0.99.5 onwards) CVE-2008-1069 (Multiple PHP remote file inclusion vulnerabilities in Quantum Game ...) NOT-FOR-US: Quantum Game Library CVE-2008-1068 (Multiple PHP remote file inclusion vulnerabilities in Portail Web Php ...) @@ -8162,8 +8171,6 @@ NOT-FOR-US: Plesk (Windows) CVE-2007-XXXX [libgd2: gdImageColorTransparent can write outside buffer] - libgd2 2.0.35.dfsg-3 -CVE-2007-XXXX [moin cross site scripting] - - moin 1.5.8-3 (low) CVE-2007-XXXX [mondo insecure handling of temporary files] - mondo 2.24-2 (low) CVE-2007-4891 (A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in ...)