white at alioth.debian.org
2009-Feb-05 17:43 UTC
[Secure-testing-commits] r11151 - data/CVE
Author: white Date: 2009-02-05 17:43:19 +0000 (Thu, 05 Feb 2009) New Revision: 11151 Modified: data/CVE/list Log: Fix gst-plugins entries so they reflect the real situation between good and bad plugins Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-02-05 12:01:36 UTC (rev 11150) +++ data/CVE/list 2009-02-05 17:43:19 UTC (rev 11151) @@ -37,9 +37,14 @@ NOT-FOR-US: SocialEngine CVE-2009-0399 (Chipmunk Blogger Script allows remote attackers to gain administrator ...) NOT-FOR-US: Chipmunk Blogger Script +CVE-2009-0398 (Array index error in the gst_qtp_trak_handler function in ...) + - gst-plugins-good0.10 <not-affected> (Vulnerable code not present) + - gst-plugins-bad0.10 <not-affected> (Vulnerable code not present) CVE-2009-0397 (Heap-based buffer overflow in the qtdemux_parse_samples function in ...) - gst-plugins-good0.10 0.10.8-4.1 (bug #514177) [lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1 + [etch] - gst-plugins-good0.10 <not-affected> (plugin in other package) + - gst-plugins-bad0.10 0.10.4-1 CVE-2009-0396 (The Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, K660i, ...) NOT-FOR-US: Sony Ericsson CVE-2009-0395 (SQL injection vulnerability in the login feature in NetArt Media Car ...) @@ -61,9 +66,13 @@ CVE-2009-0387 (Array index error in the qtdemux_parse_samples function in ...) - gst-plugins-good0.10 0.10.8-4.1 (bug #514177) [lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1 + [etch] - gst-plugins-good0.10 <not-affected> (plugin in other package) + - gst-plugins-bad0.10 0.10.4-1 CVE-2009-0386 (Heap-based buffer overflow in the qtdemux_parse_samples function in ...) - gst-plugins-good0.10 0.10.8-4.1 (bug #514177) [lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1 + [etch] - gst-plugins-good0.10 <not-affected> (plugin in other package) + - gst-plugins-bad0.10 0.10.4-1 CVE-2009-0384 (SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows ...) NOT-FOR-US: OwnRS CMS CVE-2009-0383 (delete.php in Max.Blog 1.0.6 does not properly restrict access, which ...)