alec-guest at alioth.debian.org
2007-Jul-07 23:07 UTC
[Secure-testing-commits] r6117 - data/CVE
Author: alec-guest Date: 2007-07-07 23:07:30 +0000 (Sat, 07 Jul 2007) New Revision: 6117 Modified: data/CVE/list Log: CVE-2007-3506: freetype not affected Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-07 18:24:35 UTC (rev 6116) +++ data/CVE/list 2007-07-07 23:07:30 UTC (rev 6117) @@ -17,8 +17,8 @@ CVE-2007-3507 (Stack-based buffer overflow in the local__vcentry_parse_value function ...) - flac123 <unfixed> (medium; bug #432008) CVE-2007-3506 (The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType ...) - - freetype <unfixed> (medium; bug #432013) - NOTE: may be a freetype 2.3 issue (we have 2.2) + - freetype <not-affected> (bug #432013) + NOTE: code introduced after Debian''s version CVE-2007-3505 (Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 ...) NOT-FOR-US: QuickTalk forum CVE-2007-3504 (Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java ...)