joeyh at alioth.debian.org
2009-Mar-17 09:14 UTC
[Secure-testing-commits] r11421 - data/CVE
Author: joeyh Date: 2009-03-17 09:14:09 +0000 (Tue, 17 Mar 2009) New Revision: 11421 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-03-17 08:52:57 UTC (rev 11420) +++ data/CVE/list 2009-03-17 09:14:09 UTC (rev 11421) @@ -6084,8 +6084,8 @@ NOT-FOR-US: Opera CVE-2008-4724 (Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome ...) {CVE-2008-4723} - - webkit <unfixed> (medium; bug #520052) - NOTE: webkit properly handles this issue with respect to extensions such as jpg and txt, but not in general; for example, the attack works for odp, xls, etc extensions (only tested with midori 0.1.4) + - webkit <unfixed> (medium; bug #520052) + NOTE: webkit properly handles this issue with respect to extensions such as jpg and txt, but not in general; for example, the attack works for odp, xls, etc extensions (only tested with midori 0.1.4) NOTE: not reproducible using iceweasel 3.0.1 CVE-2008-4723 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...) {CVE-2008-4724} @@ -7058,7 +7058,7 @@ CVE-2008-4317 RESERVED CVE-2008-4316 (Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow ...) - - glib2.0 <unfixed> (medium; bug #520046) + - glib2.0 <unfixed> (medium; bug #520046) CVE-2008-4315 (tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux ...) NOT-FOR-US: OpenPegasus CVE-2008-4314 (smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to ...) @@ -21411,7 +21411,7 @@ - rails 1.2.5-1 [etch] - rails <not-affected> (Vulnerable code not present) CVE-2007-5378 (Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk ...) - {DSA-1416-1 DSA-1415-1} + {DSA-1743-1 DSA-1416-1 DSA-1415-1} - tk8.3 8.3.5-10 (medium; bug #446465) - tk8.4 8.4.16-1 (medium) CVE-2007-5377 (The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file ...) 
@@ -22139,6 +22139,7 @@ CVE-2007-5138 (PHP remote file inclusion vulnerability in forum/forum.php in ...) NOT-FOR-US: lustig.cms CVE-2007-5137 (Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl ...) + {DSA-1743-1} - tk8.4 8.4.16-1 [etch] - tk8.4 <not-affected> (Vulnerability was introduced in 8.4.13) [sarge] - tk8.4 <not-affected> (Vulnerability was introduced in 8.4.13)
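Review bot: In the @@ -6084 hunk, the removed and added `- webkit <unfixed> (medium; bug #520052)` and NOTE lines under CVE-2008-4724 read identically, so this looks like a whitespace-only change behind the log message "automatic update"; if it is an indentation fix, the log should say so. Separately, the NOTE says the behaviour was "only tested with midori 0.1.4" without naming the webkit version tested; recording that version would make the <unfixed> status easier to re-check later.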
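Review bot: In the @@ -21411 hunk, DSA-1743-1 is added to the cross-reference line of CVE-2007-5378, but the package lines below it still list only tk8.3 8.3.5-10 and tk8.4 8.4.16-1. If DSA-1743-1 was issued for a different source package, add a line for that package under this CVE so the reference can be traced to an affected package and a fixed version.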
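Review bot: In the @@ -22139 hunk, the new {DSA-1743-1} line under CVE-2007-5137 sits above entries that mark tk8.4 as <not-affected> for both [etch] and [sarge] ("Vulnerability was introduced in 8.4.13"), so as written a DSA is attached to a CVE with no affected package in those releases. Either the package that the DSA fixes is missing from this entry, or the not-affected annotations need rechecking.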