jmm-guest at alioth.debian.org
2008-Mar-27 22:30 UTC
[Secure-testing-commits] r8427 - in data: CVE DSA
Author: jmm-guest
Date: 2008-03-27 22:30:42 +0000 (Thu, 27 Mar 2008)
New Revision: 8427
Modified:
data/CVE/list
data/DSA/list
Log:
two new DSAs and a couple of NFUs
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-03-27 18:38:02 UTC (rev 8426)
+++ data/CVE/list 2008-03-27 22:30:42 UTC (rev 8427)
@@ -1011,7 +1011,7 @@
CVE-2008-1093
RESERVED
CVE-2008-1092 (Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft
Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft Jet Database Engine
CVE-2008-1091
RESERVED
CVE-2008-1090
@@ -1192,7 +1192,7 @@
CVE-2008-1013
RESERVED
CVE-2008-1012 (Unspecified vulnerability in Apple AirPort Extreme Base Station
...)
- TODO: check
+ NOT-FOR-US: Apple AirPort
CVE-2008-1011 (Cross-site scripting (XSS) vulnerability in WebKit, as used in
Apple ...)
NOT-FOR-US: Safari (Mac OS X)
CVE-2008-1010 (Buffer overflow in WebKit, as used in Apple Safari before 3.1,
allows ...)
@@ -1318,7 +1318,7 @@
CVE-2008-0952
RESERVED
CVE-2008-0951 (Microsoft Windows Vista does not properly enforce the ...)
- TODO: check
+ NOT-FOR-US: Windows Vista
CVE-2008-0950
RESERVED
CVE-2008-0949 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS)
7.x ...)
@@ -1448,7 +1448,7 @@
CVE-2008-0890 (Red Hat Directory Server 7.1 before SP4 uses insecure
permissions for ...)
NOT-FOR-US: Red Hat Directory Server
CVE-2008-0889 (Red Hat Directory Server 8.0, when running on Red Hat Enterprise
...)
- TODO: check
+ NOT-FOR-US: Red Hat Directory Server
CVE-2008-0888 (The NEEDBITS macro in the inflate_dynamic function in inflate.c
for ...)
{DSA-1522-1}
- unzip 5.52-11
@@ -1845,7 +1845,7 @@
CVE-2008-0708
RESERVED
CVE-2008-0707 (HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on
HP-UX ...)
- TODO: check
+ NOT-FOR-US: HP-UX
CVE-2008-0706
RESERVED
CVE-2008-0705
@@ -3239,7 +3239,7 @@
CVE-2008-0126
RESERVED
CVE-2008-0125 (Cross-site scripting (XSS) vulnerability in phpstats.php in
Michael ...)
- TODO: check
+ NOT-FOR-US: Michael Wagner phpstats
CVE-2008-0124 (Cross-site scripting (XSS) vulnerability in Serendipity (S9Y)
before ...)
{DSA-1528-1}
- serendipity 1.3~b1-1 (low; bug #469667)
@@ -4488,7 +4488,7 @@
CVE-2007-6255
RESERVED
CVE-2007-6254 (Stack-based buffer overflow in the SAP Business Objects ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2007-6253 (Multiple buffer overflows in Adobe Form Designer 5.0 and Form
Client ...)
NOT-FOR-US: Adobe Form Designer
CVE-2007-6252 (Multiple stack-based buffer overflows in the Learn2 Corporation
...)
@@ -9466,7 +9466,7 @@
CVE-2007-4593 (Unspecified vulnerability in vstor2-ws60.sys in VMWare
Workstation 6.0 ...)
NOT-FOR-US: VMWare Workstation
CVE-2007-4592 (Multiple cross-site scripting (XSS) vulnerabilities in the web
...)
- TODO: check
+ NOT-FOR-US: Rational
CVE-2007-4591 (vstor-ws60.sys in VMWare Workstation 6.0 allows local users to
cause a ...)
NOT-FOR-US: VMWare Workstation
CVE-2007-4590 (The get_system_info command in Ignite-UX C.7.0 through C.7.3,
and ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2008-03-27 18:38:02 UTC (rev 8426)
+++ data/DSA/list 2008-03-27 22:30:42 UTC (rev 8427)
@@ -1,3 +1,9 @@
+[27 Mar 2008] DSA-1533-1 exiftags
+ {CVE-2007-6354 CVE-2007-6355 CVE-2007-6356}
+ [etch] - exiftags 0.98-1.1+etch1
+[27 Mar 2008] DSA-1532-1 xulrunner
+ {CVE-2007-4879 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236
CVE-2008-1237 CVE-2008-1238 CVE-2008-1240 CVE-2008-1241}
+ [etch] - xulrunner 1.8.0.15~pre080323b-0etch1
[27 Mar 2008] DSA-1531-1 policyd-weight - insecure temporary files
[etch] - policyd-weight 0.1.14-beta-6etch1
NOTE: CVE id still pending...