jmm-guest at alioth.debian.org
2008-May-18 20:27 UTC
[Secure-testing-commits] r8838 - data/CVE
Author: jmm-guest Date: 2008-05-18 20:27:22 +0000 (Sun, 18 May 2008) New Revision: 8838 Modified: data/CVE/list Log: two new kernel issues lib3dtag no-dsa Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-05-18 16:04:20 UTC (rev 8837) +++ data/CVE/list 2008-05-18 20:27:22 UTC (rev 8838) @@ -54,10 +54,14 @@ NOT-FOR-US: rpath Appliance Platform Agent CVE-2008-2138 (Oracle Application Server (OracleAS) Portal 10g allows remote ...) NOT-FOR-US: Oracle Application Server (OracleAS) Portal 10g -CVE-2008-2137 +CVE-2008-2137 [sparc mmap() local DoS] RESERVED -CVE-2008-2136 + - linux-2.6 <unfixed> + NOTE: Upstream commit: 5816339310b2d9623cf413d33e538b45e815da5d +CVE-2008-2136 [SIT memory leak] RESERVED + - linux-2.6 <unfixed> + NOTE: Upstream commit: 36ca34cc3b8335eb1fe8bd9a1d0a2592980c3f02 CVE-2008-2135 (Multiple SQL injection vulnerabilities in VisualShapers ezContents ...) NOT-FOR-US: VisualShapers ezContents CVE-2008-2134 (The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to ...) @@ -125,6 +129,7 @@ NOT-FOR-US: QTOFileManager CVE-2008-2109 (field.c in the libid3tag 0.15.0b library allows context-dependent ...) - libid3tag 0.15.1b-8 (low; bug #480187) + [etch] - libid3tag <no-dsa> (Minor issue) NOTE: totally different approach to fix the bug, see Kurts comments in the bug report CVE-2008-2108 (The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, ...) - php5 5.2.6-1 (low)