alec-guest at alioth.debian.org
2007-Jul-10 12:23 UTC
[Secure-testing-commits] r6127 - data/CVE
Author: alec-guest Date: 2007-07-10 12:23:02 +0000 (Tue, 10 Jul 2007) New Revision: 6127 Modified: data/CVE/list Log: CVE-2007-2789: sun-java6 fixed; CVE-2007-2488, CVE-2007-1595: asterisk fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-10 11:43:36 UTC (rev 6126) +++ data/CVE/list 2007-07-10 12:23:02 UTC (rev 6127) @@ -1689,7 +1689,7 @@ CVE-2007-2789 (The BMP image parser in Sun Java Development Kit (JDK) before ...) - sun-java5 1.5.0-11-1 (medium) [etch] - sun-java5 <no-dsa> (Non-free not supported) - - sun-java6 <unfixed> (bug #422403) + - sun-java6 6-01-1 (bug #422403) CVE-2007-2788 (Integer overflow in the embedded ICC profile image parser in Sun Java ...) - sun-java5 1.5.0-11-1 (medium) [etch] - sun-java5 <no-dsa> (Non-free not supported) @@ -2354,7 +2354,7 @@ - schroot <unfixed> (low; bug #422354) [etch] - schroot <not-affected> (Only exploitable in unstable) CVE-2007-2488 (The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does ...) - - asterisk <unfixed> (low) + - asterisk 1:1.4.5~dfsg-1 (low) NOTE: ASA-2007-013 CVE-2007-2480 (The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel ...) - linux-2.6 <unfixed> (medium) @@ -4392,7 +4392,7 @@ CVE-2007-1596 (Multiple PHP remote file inclusion vulnerabilities in the NFN Address ...) NOT-FOR-US: NFN Address Book CVE-2007-1595 (The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk ...) - - asterisk <unfixed> (low) + - asterisk 1:1.4.0~dfsg-1 (low) CVE-2007-1593 (The administrative service in Symantec Veritas Volume Replicator (VVR) ...) NOT-FOR-US: Symantec CVE-2007-1592 (net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 ...)