joeyh at alioth.debian.org
2008-May-18 21:14 UTC
[Secure-testing-commits] r8839 - data/CVE
Author: joeyh
Date: 2008-05-18 21:14:19 +0000 (Sun, 18 May 2008)
New Revision: 8839
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-05-18 20:27:22 UTC (rev 8838)
+++ data/CVE/list 2008-05-18 21:14:19 UTC (rev 8839)
@@ -56,12 +56,12 @@
NOT-FOR-US: Oracle Application Server (OracleAS) Portal 10g
CVE-2008-2137 [sparc mmap() local DoS]
RESERVED
- - linux-2.6 <unfixed>
- NOTE: Upstream commit: 5816339310b2d9623cf413d33e538b45e815da5d
+ - linux-2.6 <unfixed>
+ NOTE: Upstream commit: 5816339310b2d9623cf413d33e538b45e815da5d
CVE-2008-2136 [SIT memory leak]
RESERVED
- - linux-2.6 <unfixed>
- NOTE: Upstream commit: 36ca34cc3b8335eb1fe8bd9a1d0a2592980c3f02
+ - linux-2.6 <unfixed>
+ NOTE: Upstream commit: 36ca34cc3b8335eb1fe8bd9a1d0a2592980c3f02
CVE-2008-2135 (Multiple SQL injection vulnerabilities in VisualShapers
ezContents ...)
NOT-FOR-US: VisualShapers ezContents
CVE-2008-2134 (The Journal module in Tru-Zone Nuke ET 3.x allows remote
attackers to ...)
@@ -129,7 +129,7 @@
NOT-FOR-US: QTOFileManager
CVE-2008-2109 (field.c in the libid3tag 0.15.0b library allows
context-dependent ...)
- libid3tag 0.15.1b-8 (low; bug #480187)
- [etch] - libid3tag <no-dsa> (Minor issue)
+ [etch] - libid3tag <no-dsa> (Minor issue)
NOTE: totally different approach to fix the bug, see Kurts comments in the bug
report
CVE-2008-2108 (The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before
5.2.5, ...)
- php5 5.2.6-1 (low)
@@ -1091,6 +1091,7 @@
- python2.5 2.5.2-3
CVE-2008-1678 [apache2 mod_ssl DoS (memory leak)]
RESERVED
+ {DTSA-131-1}
- apache2 2.2.8-4
[etch] - apache2 <not-affected> (only a problem with openssl 0.9.8f or
later)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=44975
@@ -3799,6 +3800,7 @@
- tk8.4 8.4.17-2
- tk8.3 8.3.5-12
CVE-2008-0554 (Buffer overflow in the readImageData function in giftopnm.c in
netpbm ...)
+ {DSA-1579-1}
- netpbm-free 10.0-11.1 (medium; bug #464056)
CVE-2008-0564 (Multiple cross-site scripting (XSS) vulnerabilities in Mailman
before ...)
- mailman 1:2.1.10~b3-1 (low)