thijs at alioth.debian.org
2008-Aug-04 12:47 UTC
[Secure-testing-commits] r9512 - in data: CVE DSA
Author: thijs
Date: 2008-08-04 12:47:05 +0000 (Mon, 04 Aug 2008)
New Revision: 9512
Modified:
data/CVE/list
data/DSA/list
Log:
correct bug number
mark DoS in dnsmasq & openldap as low
our clamav DSA included the fix for the incomplete patch
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-08-04 11:41:42 UTC (rev 9511)
+++ data/CVE/list 2008-08-04 12:47:05 UTC (rev 9512)
@@ -141,7 +141,7 @@
CVE-2008-3351 (SQL injection vulnerability in atomPhotoBlog.php in Atom
PhotoBlog ...)
NOT-FOR-US: Atom PhotoBlog
CVE-2008-3350 (dnsmasq 2.43 allows remote attackers to cause a denial of
service ...)
- - dnsmasq 2.44-1 (medium)
+ - dnsmasq 2.44-1 (low)
CVE-2008-3349 (Multiple unspecified vulnerabilities in NetApp Data ONTAP, as
used on ...)
NOT-FOR-US: NetApp Data ONTAP
CVE-2008-3348 (Cross-site scripting (XSS) vulnerability in ...)
@@ -404,7 +404,7 @@
CVE-2008-3215 (libclamav/petite.c in ClamAV before 0.93.3 allows remote
attackers to ...)
- clamav 0.93.1.dfsg-1.1 (medium)
CVE-2008-3214 (dnsmasq 2.25 allows remote attackers to cause a denial of
service ...)
- - dnsmasq 2.44-1 (medium)
+ - dnsmasq 2.44-1 (low)
CVE-2008-3213 (SQL injection vulnerability in secciones/tablon/tablon.php in
WebCMS ...)
NOT-FOR-US: WebCMS
CVE-2008-3212 (Multiple SQL injection vulnerabilities in Scripteen Free Image
Hosting ...)
@@ -1264,8 +1264,8 @@
NOTE:
http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681
CVE-2008-2952 (liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers
to ...)
{DTSA-151-1}
- - openldap2.3 <removed> (medium; bug #488710)
- - openldap 2.4.10-3 (medium; bug #488710)
+ - openldap2.3 <removed> (low; bug #488710)
+ - openldap 2.4.10-3 (low; bug #488710)
CVE-2008-2955 (Pidgin 2.4.1 allows remote attackers to cause a denial of
service ...)
- pidgin <unfixed> (low; bug #488632)
- gaim 1:2.0.0+fake.1
@@ -5701,7 +5701,7 @@
NOT-FOR-US: EMC DiskXtender
CVE-2008-0960 (SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1,
5.3.x ...)
{DTSA-137-1}
- - net-snmp 5.4.1~dfsg-8.1 (medium; bug #485944)
+ - net-snmp 5.4.1~dfsg-8.1 (medium; bug #485945)
CVE-2008-0959 (Multiple stack-based buffer overflows in the Online Media
Technologies ...)
NOT-FOR-US: Online Media Technologies NCTSoft NCTAudioInformation2
CVE-2008-0958 (Multiple stack-based buffer overflows in the Online Media
Technologies ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2008-08-04 11:41:42 UTC (rev 9511)
+++ data/DSA/list 2008-08-04 12:47:05 UTC (rev 9512)
@@ -32,7 +32,7 @@
{CVE-2008-1447}
[etch] - refpolicy 0.0.20061018-5.1+etch1
[24 Jul 2008] DSA-1616-2 clamav - denial of service
- {CVE-2008-2713}
+ {CVE-2008-2713 CVE-2008-3215}
[etch] - clamav 0.90.1dfsg-3.1etch14
[23 Jul 2008] DSA-1615-1 xulrunner - several vulnerabilities
{CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801
CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808
CVE-2008-2809 CVE-2008-2811 CVE-2008-2933}