Author: nion Date: 2007-09-20 16:03:18 +0000 (Thu, 20 Sep 2007) New Revision: 6650 Modified: data/CVE/list Log: CVE-2007-4065, CVE-2007-4029, CVE-2007-4066 libvorbis, link to fixed svn revisions added Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-09-20 13:38:59 UTC (rev 6649) +++ data/CVE/list 2007-09-20 16:03:18 UTC (rev 6650) @@ -2007,8 +2007,10 @@ NOT-FOR-US: Clever Internet ActiveX Suite CVE-2007-4066 RESERVED + NOTE: svn revisionsions fixing this: https://bugzilla.redhat.com/show_bug.cgi?id=249780 CVE-2007-4065 RESERVED + NOTE: svn revisionsions fixing this: https://bugzilla.redhat.com/show_bug.cgi?id=249780 CVE-2007-4064 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x ...) - drupal 4.7.7-1 (low) - drupal5 5.2-1 (low) @@ -2096,6 +2098,7 @@ - libvorbis 1.2.0.dfsg-1 (medium) [etch] - libvorbis <unfixed> (bug #437916; medium) [sarge] - libvorbis <unfixed> (bug #437916; medium) + NOTE: svn revisions fixing this https://bugzilla.redhat.com/show_bug.cgi?id=249780 CVE-2007-4028 (Absolute path traversal vulnerability in index.php in Webspell 4.01.02 ...) NOT-FOR-US: WebSPELL CVE-2007-4027 (Buffer overflow in cli32 in Areca CLI 1.72.250 and earlier might allow ...)