Author: luk Date: 2008-01-05 10:56:56 +0000 (Sat, 05 Jan 2008) New Revision: 7836 Modified: data/CVE/list Log: Be consistent for issues fixed in proposed-updates. Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-01-05 09:14:10 UTC (rev 7835) +++ data/CVE/list 2008-01-05 10:56:56 UTC (rev 7836) @@ -491,7 +491,6 @@ [etch] - venkman <not-affected> (Vulnerable code not present) CVE-2007-XXXX [unace unspecified security issue related to uninitialized variable] - unace-nonfree 2.5-3 - [sarge] - unace-nonfree <no-dsa> (non-free not supported) [etch] - unace-nonfree <no-dsa> (non-free not supported) TODO: r3 release: [etch] - unace-nonfree 2.5-1etch1 CVE-2007-6507 (SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, ...) @@ -1248,7 +1247,7 @@ [etch] - sing <no-dsa> (Only exploitable in inherently broken setups) [sarge] - sing <no-dsa> (Only exploitable in inherently broken setups) TODO: r3 [etch] - sing 1.1-13etch1 - TODO: r3 [sarge] - sing 1.1-9sarge1 + TODO: r8 [sarge] - sing 1.1-9sarge1 CVE-2007-6209 (Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary ...) - zsh 4.3.4-dev-3-2 (low; bug #454073) [etch] - zsh <no-dsa> (Minor issue) @@ -15336,8 +15335,9 @@ [sarge] - rar <no-dsa> (Non-free) [etch] - rar <no-dsa> (Non-free) - unrar-nonfree 1:3.7.3-1 (high; bug #410580) - [sarge] - unrar-nonfree 1:3.5.2-0.2 + [sarge] - unrar-nonfree <no-dsa> (Non-free not supported) [etch] - unrar-nonfree <no-dsa> (Non-free not supported) + TODO: r8 release [sarge] - unrar-nonfree 1:3.5.2-0.2 TODO: r3 release [etch] - unrar-nonfree 1:3.5.4-1.1 NOTE: amavid-new automatically uses "rar -p-" or "unrar -p-", NOTE: which probably turns this into remote code execution