joeyh at alioth.debian.org
2008-Jan-06 21:14 UTC
[Secure-testing-commits] r7844 - data/CVE
Author: joeyh
Date: 2008-01-06 21:14:10 +0000 (Sun, 06 Jan 2008)
New Revision: 7844
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-01-06 21:03:45 UTC (rev 7843)
+++ data/CVE/list 2008-01-06 21:14:10 UTC (rev 7844)
@@ -1034,6 +1034,7 @@
CVE-2007-6281 (Heap-based buffer overflow in Open File Manager service
(ofmnt.exe) in ...)
NOT-FOR-US: St. Bernard Open File Manager
CVE-2007-6304 (The federated engine in MySQL 5.0.x before 5.0.52, 5.1.x before
...)
+ {DSA-1451-1}
- mysql-dfsg-5.0 5.0.45-5 (low; bug #455737)
TODO: check mysql4
CVE-2007-6303 (MySQL 5.0.x before 5.0.52, 5.1.x before 5.1.23, and 6.0.x before
6.0.4 ...)
@@ -1809,6 +1810,7 @@
NOTE: version in experimental is affected by this
NOTE: the debian maintainers do not yet have access to this issue:
http://lists.mysql.com/packagers/377
CVE-2007-5969 (MySQL Community Server before 5.0.51, when a table relies on
symlinks ...)
+ {DSA-1451-1}
- mysql-dfsg-5.0 5.0.45-4 (low; bug #455010)
TODO: check mysql 4
CVE-2007-5968
@@ -4202,6 +4204,7 @@
CVE-2007-5302 (Multiple cross-site scripting (XSS) vulnerabilities in HP System
...)
NOT-FOR-US: HP System Management Homepage
CVE-2007-5300 (Off-by-one error in the do_login_loop function in ...)
+ {DSA-1452-1}
- wzdftpd 0.8.2-2.1 (medium; bug #446192)
CVE-2007-5299 (Multiple directory traversal vulnerabilities in SkaDate 5.0 and
6.0, ...)
NOT-FOR-US: SkaDate
@@ -7896,6 +7899,7 @@
[sarge] - mysql-dfsg <not-affected> (Vulnerable functionality was
introduced in 5.0)
[sarge] - mysql-dfsg-4.1 <not-affected> (Vulnerable functionality was
introduced in 5.0)
CVE-2007-3781 (MySQL Community Server before 5.0.45 does not require privileges
such ...)
+ {DSA-1451-1}
- mysql-dfsg-5.0 5.0.45-1
[etch] - mysql-dfsg-5.0 <no-dsa> (Minor issue, too intrusive to
backport)
[sarge] - mysql-dfsg <no-dsa> (Minor issue, too intrusive to backport)