Author: nion Date: 2008-01-21 13:43:27 +0000 (Mon, 21 Jan 2008) New Revision: 7997 Modified: data/CVE/list Log: CVE-2007-406[5,6] fixed in libvorbis 1.2.0.dfsg-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-01-21 12:56:19 UTC (rev 7996) +++ data/CVE/list 2008-01-21 13:43:27 UTC (rev 7997) @@ -7921,10 +7921,10 @@ CVE-2007-4067 (Absolute path traversal vulnerability in the clInetSuiteX6.clWebDav ...) NOT-FOR-US: Clever Internet ActiveX Suite CVE-2007-4066 (Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow ...) - - libvorbis <unfixed> + - libvorbis 1.2.0.dfsg-1 NOTE: svn revisionsions fixing this: https://bugzilla.redhat.com/show_bug.cgi?id=249780 CVE-2007-4065 (lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 ...) - - libvorbis <unfixed> (unimportant) + - libvorbis 1.2.0.dfsg-1 (unimportant) NOTE: Just an infinite loop in an enduser multimedia libarary, not treated as a vulnerability NOTE: svn revisionions fixing this: https://bugzilla.redhat.com/show_bug.cgi?id=249780 CVE-2007-4064 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x ...)