dannf at alioth.debian.org
2008-Oct-14 15:57 UTC
[Secure-testing-commits] r10084 - data/CVE
Author: dannf
Date: 2008-10-14 15:57:10 +0000 (Tue, 14 Oct 2008)
New Revision: 10084
Modified:
data/CVE/list
Log:
make all linux-2.6.24 entries equivalent by removing the [etch] prefix on those
that have it
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-10-14 15:46:38 UTC (rev 10083)
+++ data/CVE/list 2008-10-14 15:57:10 UTC (rev 10084)
@@ -980,7 +980,7 @@
CVE-2008-4113 (The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in
the ...)
- linux-2.6 2.6.26-5
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- [etch] - linux-2.6.24 <unfixed>
+ - linux-2.6.24 <unfixed>
CVE-2008-4112
REJECTED
CVE-2008-4111 (Unspecified vulnerability in Servlet Engine/Web Container in IBM
...)
@@ -1440,7 +1440,7 @@
CVE-2008-3911 (The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux
kernel ...)
- linux-2.6 2.6.26-5
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- [etch] - linux-2.6.24 <not-affected> (Vulnerable code not present)
+ - linux-2.6.24 <not-affected> (Vulnerable code not present)
CVE-2008-3906 (CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier
allows ...)
- mono 1.9.1+dfsg-4 (low; bug #498894)
CVE-2008-3905 (resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287,
1.8.7 ...)
@@ -2574,7 +2574,7 @@
CVE-2008-3496 (Buffer overflow in format descriptor parsing in the
uvc_parse_format ...)
- linux-2.6 2.6.26-2
[etch] - linux-2.6 <not-affected> (code not present)
- [etch] - linux-2.6.24 <not-affected> (code not present)
+ - linux-2.6.24 <not-affected> (code not present)
CVE-2008-3495 (SQL injection vulnerability in kategori.asp in Pcshey Portal
allows ...)
NOT-FOR-US: Pcshey Portal
CVE-2008-3494 (8e6 R3000 Internet Filter 2.0.12.10 allows remote attackers to
bypass ...)
@@ -3121,7 +3121,7 @@
CVE-2008-3247 (The LDT implementation in the Linux kernel 2.6.25.x before
2.6.25.11 ...)
- linux-2.6 2.6.25-7
[etch] - linux-2.6 <not-affected> (2.6.25-only issue)
- [etch] - linux-2.6.24 <not-affected> (2.6.25-only issue)
+ - linux-2.6.24 <not-affected> (2.6.25-only issue)
CVE-2008-3246 (Unspecified vulnerability in the PDF distiller component in the
...)
NOT-FOR-US: BlackBerry Attachment Service
CVE-2008-3245 (SQL injection vulnerability in phpHoo3.php in phpHoo3 4.3.9,
4.3.10, ...)
@@ -4337,7 +4337,7 @@
CVE-2008-2750 (The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the
Linux ...)
- linux-2.6 2.6.26
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in
2.6.23)
- [etch] - linux-2.6.24 2.6.24-6~etchnhalf.4
+ - linux-2.6.24 2.6.24-6~etchnhalf.4
NOTE: 6b6707a50c7598a83820077393f8823ab791abf8
CVE-2008-2749 (Unspecified vulnerability in cshttpd in Sun Java System Calendar
...)
NOT-FOR-US: Sun Java System Application Server
@@ -5650,7 +5650,7 @@
CVE-2008-2148 (The utimensat system call (sys_utimensat) in Linux kernel 2.6.22
and ...)
- linux-2.6 2.6.25-3 (bug #481195)
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
- [etch] - linux-2.6.24 2.6.24-6~etchnhalf.3
+ - linux-2.6.24 2.6.24-6~etchnhalf.3
NOTE: utimensat() was introduced in 2.6.22 and sched_slice() in 2.6.24
CVE-2008-2145 (Stack-based buffer overflow in Novell Client 4.91 SP4 and
earlier ...)
NOT-FOR-US: Novell Client 4.91 SP4
@@ -5669,12 +5669,12 @@
CVE-2008-2137 (The (1) sparc_mmap_check function in
arch/sparc/kernel/sys_sparc.c and ...)
{DSA-1588-1}
- linux-2.6 2.6.25-3
- [etch] - linux-2.6.24 2.6.24-6~etchnhalf.3
+ - linux-2.6.24 2.6.24-6~etchnhalf.3
NOTE: Upstream commit: 5816339310b2d9623cf413d33e538b45e815da5d, part of
2.6.25.3
CVE-2008-2136 (Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the
Linux ...)
{DSA-1588-1}
- linux-2.6 2.6.25-3
- [etch] - linux-2.6.24 2.6.24-6~etchnhalf.3
+ - linux-2.6.24 2.6.24-6~etchnhalf.3
NOTE: Upstream commit: 36ca34cc3b8335eb1fe8bd9a1d0a2592980c3f02, part of
2.6.25.3
CVE-2008-2135 (Multiple SQL injection vulnerabilities in VisualShapers
ezContents ...)
NOT-FOR-US: VisualShapers ezContents