jmm-guest at alioth.debian.org
2007-Nov-09 22:56 UTC
[Secure-testing-commits] r7261 - data/CVE
Author: jmm-guest
Date: 2007-11-09 22:56:44 +0000 (Fri, 09 Nov 2007)
New Revision: 7261
Modified:
data/CVE/list
Log:
fix outdated entries spotted by francesco poli
mark sqlite as non-issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-11-09 22:04:13 UTC (rev 7260)
+++ data/CVE/list 2007-11-09 22:56:44 UTC (rev 7261)
@@ -10273,7 +10273,7 @@
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (medium)
CVE-2007-1888 (Buffer overflow in the sqlite_decode_binary function in
src/encode.c ...)
- - sqlite 2.8.17-2.1 (medium; bug #441233)
+ - sqlite 2.8.17-2.1 (unimportant; bug #441233)
NOTE: this is really just an "unsafe" API, not really a security
issue against sqlite itself.
NOTE: SQLite 3 no longer contains the affected function.
CVE-2007-1887 (Buffer overflow in the sqlite_decode_binary function in the
bundled ...)
@@ -24400,12 +24400,9 @@
- mediawiki <not-affected> (Affects only 1.6.0-1.6.6)
CVE-2006-2894 (Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite
1.7.13, ...)
{DSA-1401-1 DSA-1392-1 DTSA-69-1}
- - iceweasel 2.0.0.4-1
- - xulrunner <unfixed>
- - iceape <unfixed>
- - mozilla <removed>
- - mozilla-firefox <removed>
- NOTE: MFSA2007-32
+ - iceweasel 2.0.0.8
+ - xulrunner 1.8.1.9-1
+ - iceape 1.1.5
CVE-2006-2893 (index.php in GANTTy 1.0.3 allows remote attackers to obtain the
full ...)
NOT-FOR-US: GANTTy
CVE-2006-2892 (Cross-site scripting (XSS) vulnerability in index.php in GANTTy
1.0.3 ...)