jmm-guest at alioth.debian.org
2008-Jun-11 21:02 UTC
[Secure-testing-commits] r9040 - in data: . CVE DSA
Author: jmm-guest
Date: 2008-06-11 21:02:21 +0000 (Wed, 11 Jun 2008)
New Revision: 9040
Modified:
data/CVE/list
data/DSA/list
data/spu-candidates.txt
Log:
mksh no-dsa
two DSAs
imlib1 not affected by recent issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-06-11 20:11:26 UTC (rev 9039)
+++ data/CVE/list 2008-06-11 21:02:21 UTC (rev 9040)
@@ -274,6 +274,7 @@
RESERVED
CVE-2008-2426 (Multiple stack-based buffer overflows in Imlib 2 (aka imlib2)
1.4.0 ...)
- imlib2 1.4.0-1.1 (medium; bug #483816)
+ - imlib <not-affected> (Partly not present / partly fixed)
CVE-2008-2425 (SQL injection vulnerability in index.php in FicHive 1.0 allows
remote ...)
NOT-FOR-US: FicHive
CVE-2008-2422 (SQL injection vulnerability in index.php in Web Slider 0.6
allows ...)
@@ -1555,7 +1556,8 @@
CVE-2008-1846 (The default configuration of SAP NetWeaver before 7.0 SP15 does
not ...)
NOT-FOR-US: SAP
CVE-2008-1845 (The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does
not ...)
- - mksh 33.4-1
+ - mksh 33.4-1 (low)
+ [etch] - mksh <no-dsa> (Minor issue)
CVE-2008-1844 (SQL injection vulnerability in cat.php in W2B phpHotResources
allows ...)
NOT-FOR-US: W2B phpHotResources
CVE-2008-1843 (SQL injection vulnerability in browse.php in W2B DatingClub (aka
...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2008-06-11 20:11:26 UTC (rev 9039)
+++ data/DSA/list 2008-06-11 21:02:21 UTC (rev 9040)
@@ -1,3 +1,9 @@
+[10 Jun 2008] DSA-1594-1 imlib2
+ {CVE-2008-2426}
+ [etch] - imlib2 1.3.0.0debian1-4+etch1
+[09 Jun 2008] DSA-1593-1 tomcat5.5
+ {CVE-2008-1947}
+ [etch] - tomcat5.5 5.5.20-2etch3
[09 Jun 2008] DSA-1592-1 linux-2.6 - overflow conditions
{CVE-2008-1673 CVE-2008-2358}
[etch] - linux-2.6 2.6.18.dfsg.1-18etch6
Modified: data/spu-candidates.txt
==================================================================---
data/spu-candidates.txt 2008-06-11 20:11:26 UTC (rev 9039)
+++ data/spu-candidates.txt 2008-06-11 21:02:21 UTC (rev 9040)
@@ -111,6 +111,11 @@
--
+mksh (CVE-2008-1845)
+notified maintainer
+
+--
+
mldonkey (CVE-2007-4100)
#435439
notified maintainer