stef-guest at alioth.debian.org
2007-Oct-14 21:58 UTC
[Secure-testing-commits] r6964 - data/CVE
Author: stef-guest
Date: 2007-10-14 21:58:25 +0000 (Sun, 14 Oct 2007)
New Revision: 6964
Modified:
data/CVE/list
Log:
include clamav fixes in volatile
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-10-14 21:32:09 UTC (rev 6963)
+++ data/CVE/list 2007-10-14 21:58:25 UTC (rev 6964)
@@ -2030,7 +2030,7 @@
NOT-FOR-US: Helix DNA Server
CVE-2007-4560 (clamav-milter in ClamAV before 0.91.2, when run in black hole
mode, ...)
{DSA-1366-1}
- - clamav 0.91.2-1 (high)
+ - clamav 0.91.2-1~volatile1 (high)
CVE-2007-4559 (Directory traversal vulnerability in the (1) extract and (2)
...)
- python2.3 <removed>
- python2.4 <unfixed> (bug #440097)
@@ -2141,7 +2141,7 @@
NOT-FOR-US: Sun Application Server
CVE-2007-4510 (ClamAV before 0.91.2, as used in Kolab Server 2.0 through
2.2beta1 and ...)
{DSA-1366-1}
- - clamav 0.91.2-1
+ - clamav 0.91.2-1~volatile1
[sarge] - clamav <not-affected> (Vulnerable code not present)
CVE-2007-4509 (SQL injection vulnerability in index.php in the EventList
component ...)
NOT-FOR-US: EventList component for Joomla!
@@ -2453,7 +2453,7 @@
CVE-2007-XXXX [clamav htmlnorm DoS]
- clamav <not-affected> (Only exploitable if CL_EXPERIMENTAL is set)
CVE-2007-XXXX [clamav floating point exception in OLE2 scanner DoS]
- - clamav 0.91.2-1
+ - clamav 0.91.2-1~volatile1
[etch] - clamav <not-affected> (Vulnerable code not present)
[sarge] - clamav <not-affected> (Vulnerable code not present)
CVE-2007-XXXX [pam usb wrongly allows authentication without password in ssh
sessions]