Author: joeyh
Date: 2009-04-29 09:14:19 +0000 (Wed, 29 Apr 2009)
New Revision: 11742
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-04-29 07:01:42 UTC (rev 11741)
+++ data/CVE/list 2009-04-29 09:14:19 UTC (rev 11742)
@@ -808,8 +808,8 @@
NOT-FOR-US: 2wire
CVE-2009-1241 (Unspecified vulnerability in ClamAV before 0.95 allows remote
...)
- clamav 0.95+dfsg-1 (medium; bug #526042)
- [etch] - clamav <not-affected> (debian package does not use the
rar code in clamav at the current time)
- [lenny] - clamav <not-affected> (debian package does not use the
rar code in clamav at the current time)
+ [etch] - clamav <not-affected> (debian package does not use the rar code
in clamav at the current time)
+ [lenny] - clamav <not-affected> (debian package does not use the rar
code in clamav at the current time)
CVE-2009-1240 (Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44
...)
NOT-FOR-US: IBM Proventia
CVE-2009-1239 (IBM DB2 9.1 before FP7 returns incorrect query results in
certain ...)
@@ -4344,6 +4344,7 @@
- cyrus-sasl2 2.1.22.dfsg1-18 (bug #465561)
[etch] - cyrus-sasl2 <no-dsa> (Minor issue)
CVE-2009-0385 (Integer signedness error in the fourxm_read_header function in
...)
+ {DSA-1782-1 DSA-1781-1}
- ffmpeg-debian 0.svn20080206-16 (medium; bug #524799)
- ffmpeg <removed>
- mplayer 1.0~rc2-14 (medium; bug #524805)
@@ -6215,7 +6216,7 @@
CVE-2008-5486 (SQL injection vulnerability in admin.php in TurnkeyForms Text
Link ...)
NOT-FOR-US: TurnkeyForms Text Link Sales
CVE-2008-5616 (Stack-based buffer overflow in the demux_open_vqf function in
...)
- {DTSA-181-1}
+ {DSA-1782-1 DTSA-181-1}
- mplayer 1.0~rc2-19 (low; bug #508803)
CVE-2008-XXXX [axel URL parser buffer overflow]
- axel 2.2 (unimportant)
@@ -7774,6 +7775,7 @@
- gstreamer0.10-ffmpeg 0.10.3-2
[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not
present)
CVE-2008-4866 (Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9
...)
+ {DSA-1782-1}
- ffmpeg-debian 0.svn20080206-14 (bug #504977)
[etch] - ffmpeg <not-affected> (Vulnerable code not present)
- mplayer 1.0~rc2-14
@@ -11951,6 +11953,7 @@
CVE-2008-3163 (Directory traversal vulnerability in dodosmail.php in DodosMail
2.5 ...)
NOT-FOR-US: DodosMail
CVE-2008-3162 (Stack-based buffer overflow in the str_read_packet function in
...)
+ {DSA-1781-1}
- ffmpeg-debian 0.svn20080206-10 (bug #489965; low)
- ffmpeg <removed>
TODO: Check the various embedders in Etch, horray for librification in Lenny