white at alioth.debian.org
2007-Nov-07 03:30 UTC
[Secure-testing-commits] r7235 - data/CVE
Author: white Date: 2007-11-07 03:30:12 +0000 (Wed, 07 Nov 2007) New Revision: 7235 Modified: data/CVE/list Log: Remove iscsitarget temp issue, because it got a CVE id; Also shift NOTE Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-06 22:53:50 UTC (rev 7234) +++ data/CVE/list 2007-11-07 03:30:12 UTC (rev 7235) @@ -20,6 +20,7 @@ TODO: check CVE-2007-5827 (iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for ...) - iscsitarget 0.4.15-5 (bug #448873) + NOTE: init script has "dump" function, which marks conffile correctly CVE-2007-5826 (Absolute path traversal vulnerability in the EDraw Flowchart ActiveX ...) NOT-FOR-US: EDraw Flowchart CVE-2007-5825 (Format string vulnerability in the ws_addarg function in webserver.c ...) @@ -89,9 +90,6 @@ CVE-2007-5795 (The hack-local-variables function in Emacs before 22.2, when ...) - emacs22 22.1+1-2.1 (medium; bug #449008) NOTE: Emacs 21 is not affected -CVE-2007-XXXX [conffile ietd.conf public readable and contains passwords] - - iscsitarget 0.4.15-5 (low; bug #448873) - NOTE: init script has "dump" function, which marks conffile correctly CVE-2007-5793 (Stonesoft StoneGate IPS before 4.0 does not properly decode ...) NOT-FOR-US: Stonesoft StoneGate IPS CVE-2007-5792 (The Vonage Motorola Phone Adapter VT 2142-VD does not encrypt RTP ...)