joeyh at alioth.debian.org
2007-Nov-11 21:14 UTC
[Secure-testing-commits] r7282 - data/CVE
Author: joeyh
Date: 2007-11-11 21:14:06 +0000 (Sun, 11 Nov 2007)
New Revision: 7282
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-11-11 20:19:42 UTC (rev 7281)
+++ data/CVE/list 2007-11-11 21:14:06 UTC (rev 7282)
@@ -348,7 +348,7 @@
CVE-2007-5742
RESERVED
CVE-2007-5741 (Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote
attackers ...)
- {DSA-1405-1}
+ {DSA-1405-2 DSA-1405-1}
- zope-cmfplone 2.5.2-2 (bug #449523)
[sarge] - zope-cmfplone <not-affected> (Upstream confirms that 2.0
branch is not vulnerable)
NOTE: Fix available:
@@ -518,6 +518,7 @@
CVE-2007-5724 (Multiple cross-site scripting (XSS) vulnerabilities in Omnistar
Live ...)
NOT-FOR-US: Omnistar Live
CVE-2007-5723 (Heap-based buffer overflow in the samp_send function in
nuauth/sasl.c ...)
+ {DTSA-82-1}
- nufw 2.2.7-1 (medium)
CVE-2007-5722 (Stack-based buffer overflow in a certain ActiveX control in
GLChat.ocx ...)
NOT-FOR-US: GlobalLink
@@ -1125,6 +1126,7 @@
REJECTED
NOT-FOR-US: Microsoft Windows
CVE-2007-5585 (xscreensaver 5.03 and earlier, when running without ...)
+ {DTSA-83-1}
- xscreensaver <unfixed> (medium; bug #448157)
- rss-glx 0.8.1-8 (medium)
NOTE: xscreensaver is not segfaulting on my system but exiting in this
scenario
@@ -4470,6 +4472,7 @@
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as
fixed
CVE-2007-4351 (Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS
1.3.3 ...)
+ {DTSA-81-1}
- cupsys 1.3.4-1 (medium; bug #448866)
CVE-2007-4350
RESERVED