devin-guest at alioth.debian.org
2008-May-23 07:54 UTC
[Secure-testing-commits] r8873 - in data: CVE DSA
Author: devin-guest
Date: 2008-05-23 07:54:02 +0000 (Fri, 23 May 2008)
New Revision: 8873
Modified:
data/CVE/list
data/DSA/list
Log:
DSA-1586-1 for xine-lib
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-05-23 06:47:53 UTC (rev 8872)
+++ data/CVE/list 2008-05-23 07:54:02 UTC (rev 8873)
@@ -1217,9 +1217,9 @@
CVE-2007-6714 (DBMail before 2.2.9, when using authldap with an LDAP server
that ...)
- dbmail 2.2.9
CVE-2008-1878 (Stack-based buffer overflow in the demux_nsf_send_chunk function
in ...)
- {DTSA-128-1}
+ {DSA-1586-1 DTSA-128-1}
- xine-lib 1.1.12-2 (medium; bug #476990)
- NOTE: not patched but disabled
+ NOTE: not patched but disabled in testing/unstable
CVE-2008-1831 (Multiple unspecified vulnerabilities in the Siebel SimBuilder
...)
NOT-FOR-US: Oracle Siebel Enterprise
CVE-2008-1830 (Unspecified vulnerability in the PeopleSoft HCM ePerformance
component ...)
@@ -1553,7 +1553,7 @@
NOTE: This is more a generic bug and not a security issue: the random output
would
NOTE: need to match the name of an existing macro
CVE-2008-1686 (Array index vulnerability in Speex 1.1.12 and earlier, as used
in ...)
- {DTSA-127-1 DTSA-128-1 DTSA-129-1}
+ {DSA-1586-1 DTSA-127-1 DTSA-128-1 DTSA-129-1}
- speex 1.2~beta2-1 (medium)
- libfishsound 0.7.0-2.2 (medium; bug #475152)
- xine-lib 1.1.12-1 (medium)
@@ -2026,7 +2026,7 @@
{DSA-1576-1}
- openssh 1:4.7p1-5 (bug #463011)
CVE-2008-1482 (Multiple integer overflows in xine-lib 1.1.11 and earlier allow
remote ...)
- {DTSA-120-1}
+ {DSA-1586-1 DTSA-120-1}
- xine-lib 1.1.11.1-1 (medium; bug #472639)
CVE-2008-1481 (Cross-site scripting (XSS) vulnerability in index.php in
webSPELL ...)
NOT-FOR-US: webSPELL
Modified: data/DSA/list
==================================================================---
data/DSA/list 2008-05-23 06:47:53 UTC (rev 8872)
+++ data/DSA/list 2008-05-23 07:54:02 UTC (rev 8873)
@@ -1,3 +1,6 @@
+[22 May 2008] DSA-1586-1 xine-lib - multiple vulnerabilities
+ {CVE-2008-1482 CVE-2008-1686 CVE-2008-1878}
+ [etch] - xine-lib 1.1.2+dfsg-7
[20 May 2008] DSA-1583-1 gnome-peercast - several vulnerabilities
{CVE-2007-6454 CVE-2008-2040}
[etch] - gnome-peercast 0.5.4-1.1etch0