Author: gilbert-guest Date: 2009-05-04 20:40:02 +0000 (Mon, 04 May 2009) New Revision: 11782 Modified: data/CVE/list Log: should have tagged these as not-affected Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-05-04 20:26:42 UTC (rev 11781) +++ data/CVE/list 2009-05-04 20:40:02 UTC (rev 11782) @@ -14825,8 +14825,8 @@ NOT-FOR-US: Windows CVE-2008-2009 (Xiph.org libvorbis before 1.0 does not properly check for ...) - libvorbis 1.2.0.dfsg-4 (bug #482039) - [etch] - libvorbis <no-dsa> (actual vulnerability fixed pre-1.0) - [lenny] - libvorbis <no-dsa> (actual vulnerability fixed pre-1.0) + [etch] - libvorbis <not-affected> (actual vulnerability fixed pre-1.0) + [lenny] - libvorbis <not-affected> (actual vulnerability fixed pre-1.0) NOTE: additional hardening features have already been added to the unstable NOTE: packages that would be useful to have in stable, so proposing as spu/ospu CVE-2008-2008 (Buffer overflow in the Display Names message feature in Cerulean ...)