joeyh at alioth.debian.org
2008-Jul-27 21:14 UTC
[Secure-testing-commits] r9436 - data/CVE
Author: joeyh
Date: 2008-07-27 21:14:11 +0000 (Sun, 27 Jul 2008)
New Revision: 9436
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-07-27 16:55:08 UTC (rev 9435)
+++ data/CVE/list 2008-07-27 21:14:11 UTC (rev 9436)
@@ -3361,7 +3361,7 @@
- cups 1.3.7-2 (medium; bug #476305)
- cupsys 1.3.7-2 (medium; bug #476305)
CVE-2008-1721 (Integer signedness error in the zlib extension module in Python
2.5.2 ...)
- {DSA-1551-1}
+ {DSA-1620-1 DSA-1551-1}
- python2.4 2.4.5-2
- python2.5 2.5.2-3
CVE-2008-1719 (Multiple cross-site request forgery (CSRF) vulnerabilities in
Nuke ET ...)
@@ -3401,7 +3401,7 @@
NOTE: upstream commit 13788ccc41ceea5893f9c747c59bc0b28f2416c2, not present in
2.6.25.x,
NOTE: but fixed in git, so marking as fixed in 2.6.26-1
CVE-2008-1887 (Python 2.5.2 and earlier allows context-dependent attackers to
execute ...)
- {DSA-1551-1}
+ {DSA-1620-1 DSA-1551-1}
- python2.4 2.4.5-2
- python2.5 2.5.2-3
CVE-2008-1877 (tss 0.8.1 allows local users to read arbitrary files via the -a
...)
@@ -3481,7 +3481,7 @@
CVE-2008-1680 (PHP-Nuke Platinum 7.6.b.5 allows remote attackers to obtain ...)
NOT-FOR-US: PHP-Nuke Platinum
CVE-2008-1679 (Multiple integer overflows in imageop.c in Python before 2.5.3
allow ...)
- {DSA-1551-1}
+ {DSA-1620-1 DSA-1551-1}
- python2.4 2.4.5-2
- python2.5 2.5.2-3
CVE-2008-1678 (Memory leak in the zlib_stateful_init function in
crypto/comp/c_zlib.c ...)
@@ -4021,7 +4021,7 @@
CVE-2008-1448
RESERVED
CVE-2008-1447 (The DNS protocol, as implemented in (1) BIND 8 and 9 before
9.5.0-P1, ...)
- {DSA-1617-1 DSA-1603-1 DTSA-147-1}
+ {DSA-1619-1 DSA-1617-1 DSA-1603-1 DTSA-147-1}
- bind9 1:9.5.0.dfsg-5 (high)
- glibc <unfixed> (medium)
- dnsmasq 2.43-1 (medium; bug #490123)
@@ -12605,7 +12605,7 @@
{DTSA-57-1}
NOTE: Duplicate of CVE-2007-3913
CVE-2007-4965 (Multiple integer overflows in the imageop module in Python 2.5.1
and ...)
- {DSA-1551-1}
+ {DSA-1620-1 DSA-1551-1}
- python2.5 2.5.1-6 (low; bug #443333)
[etch] - python2.5 <no-dsa> (Minor issue)
[sarge] - python2.5 <no-dsa> (Minor issue)
@@ -15305,7 +15305,7 @@
- iceweasel <unfixed> (low)
- iceape <unfixed> (low)
- xulrunner <unfixed> (low)
- NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=388097
+ NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=388097
CVE-2007-3826 (Microsoft Internet Explorer 7 on Windows XP SP2 allows remote
...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-3825 (Multiple stack-based buffer overflows in the RPC implementation
in ...)
@@ -17204,7 +17204,7 @@
- iceweasel <unfixed> (low)
- iceape <unfixed> (low)
- xulrunner <unfixed> (low)
- NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=380994
+ NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=380994
CVE-2007-3072 (Directory traversal vulnerability in Mozilla Firefox before
2.0.0.4 on ...)
- iceweasel <not-affected> (Only affects Windows versions of Firefox)
CVE-2007-3071 (Buffer overflow in the GetWebStoreURL function in a certain
ActiveX ...)
@@ -19588,7 +19588,7 @@
CVE-2007-2053 (Multiple stack-based buffer overflows in AFFLIB before 2.2.6
allow ...)
NOT-FOR-US: AFFLIB
CVE-2007-2052 (Off-by-one error in the PyLocale_strxfrm function in ...)
- {DSA-1551-1}
+ {DSA-1620-1 DSA-1551-1}
- python2.4 2.4.4-3 (bug #416931; low)
- python2.5 2.5.1-1 (bug #416934; low)
- python2.3 <removed> (low)