thr3ads.net - Secure testing commits - [Secure-testing-commits] r7921

If this information is useful, please help other people find it:
Share via:

thijs at alioth.debian.org

2008-Jan-14 20:55 UTC

[Secure-testing-commits] r7921 - data/CVE

Author: thijs
Date: 2008-01-14 20:55:01 +0000 (Mon, 14 Jan 2008)
New Revision: 7921

Modified:
   data/CVE/list
Log:
eliminate 3 TEMP issues that have CVE''s


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-01-14 20:17:21 UTC (rev 7920)
+++ data/CVE/list	2008-01-14 20:55:01 UTC (rev 7921)
@@ -8804,7 +8804,7 @@
 CVE-2007-3556 (Liesbeth base CMS stores sensitive information under the web
root with ...)
 	NOT-FOR-US: Liesbeth
 CVE-2007-3555 (Cross-site scripting (XSS) vulnerability in index.php in Moodle
1.7.1 ...)
-	- moodle 1.8.2-1 (low)
+	- moodle 1.8.2-1 (low; bug #432264)
 CVE-2007-3554 (Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX
control ...)
 	NOT-FOR-US: HP
 CVE-2007-3553 (Cross-site scripting (XSS) vulnerability in Rapid Install Web
Server ...)
@@ -8931,8 +8931,6 @@
 	- matrixssl 1.1-1
 CVE-1999-1591 (Microsoft Internet Information Services (IIS) server 4.0 SP4,
without ...)
 	NOT-FOR-US: Microsoft IIS
-CVE-2007-XXXX [moodle several XSS]
-	- moodle 1.8.2-1 (bug #432264)
 CVE-2007-3514 (Cross-domain vulnerability in Apple Safari for Windows 3.0.2
allows ...)
 	NOT-FOR-US: Apple Safari
 CVE-2007-3513 (The lcd_write function in drivers/usb/misc/usblcd.c in the Linux
...)
@@ -9094,6 +9092,7 @@
 	- firebird1.5 <not-affected> (fixed before rename to firebird1.5)
 	- firebird2 1.5.3.4870-4 (low; bug #362001)
 	- firebird2.0 <not-affected> (fixed in 2.0)
+	[sarge] - firebird2 <no-dsa> (Minor issue)
 CVE-2006-7210 (Microsoft Windows 2000, XP, and Server 2003 allows remote
attackers to ...)
 	NOT-FOR-US: Windows
 CVE-2005-4848 (Buffer overflow in the decompression algorithm in Research in
Motion ...)
@@ -10270,10 +10269,6 @@
 	NOTE: This is not a vulnerability, but an additional precaution function for
 	NOTE: a development framework. If someone wants to have this updated in Etch,
this
 	NOTE: needs to go through a point update
-CVE-2007-XXXX [dar choosing weak IV when encrypting]
-	- dar 2.3.3-1 (bug #425335; low)
-	[sarge] - dar <no-dsa> (minor issue)
-	[etch] - dar <no-dsa> (minor issue)
 CVE-2006-XXXX [Owl Intranet Engine multiple cross-site scripting,
SQL-injection]
 	- owl-dms 0.94-1 (medium; bug #416296)
 CVE-2007-2967 (Multiple F-Secure anti-virus products for Microsoft Windows and
Linux ...)
@@ -29865,9 +29860,6 @@
 	NOT-FOR-US: VMware
 CVE-2004-2656 (Multiple cross-site scripting (XSS) vulnerabilities in Slashdot
Like ...)
 	- slash <not-affected> (Vulnerable code introduced in 2002, while
Debian''s is older!, see #390469)
-CVE-2006-XXXX [firebird local DoS]
-	- firebird2 1.5.3.4870-4 (bug #362001)
-	[sarge] - firebird2 <no-dsa> (Minor issue)
 CVE-2006-1744 (Buffer overflow in pl_main.c in sail in BSDgames before 2.17-7
allows ...)
 	{DSA-1036-1}
 	- bsdgames 2.17-7 (bug #360989)

Secure testing commits - Jan 2008 - r7921 - data/CVE

[Secure-testing-commits] r7921 - data/CVE