jmm-guest at alioth.debian.org
2007-Jun-13 20:32 UTC
[Secure-testing-commits] r6000 - data/CVE
Author: jmm-guest Date: 2007-06-13 20:32:22 +0000 (Wed, 13 Jun 2007) New Revision: 6000 Modified: data/CVE/list Log: three new kernel issues findutils no-dsa Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-06-13 15:51:56 UTC (rev 5999) +++ data/CVE/list 2007-06-13 20:32:22 UTC (rev 6000) @@ -637,9 +637,9 @@ CVE-2007-2877 (Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 ...) NOTE: Not a security issue; Windows-only anyway. CVE-2007-2876 (The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) ...) - TODO: check + - linux-2.6 <unfixed> (medium) CVE-2007-2875 (Integer underflow in the cpuset_tasks_read function in the Linux ...) - TODO: check + - linux-2.6 <unfixed> (medium) CVE-2007-2874 RESERVED CVE-2007-2873 (SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as ...) @@ -1590,9 +1590,11 @@ CVE-2007-2454 (Heap-based buffer overflow in the VGA device in Parallels allows local ...) NOT-FOR-US: Parallels CVE-2007-2453 (The random number feature in Linux kernel 2.6 before 2.6.20.13, and ...) - TODO: check + - linux-2.6 <unfixed> (low) CVE-2007-2452 (Heap-based buffer overflow in the visit_old_format function in ...) - findutils 4.2.31-1 (low; bug #426862) + [sarge] - findutils <no-dsa> (Not vulnerable in default configuration, minor issue) + [etch] - findutils <no-dsa> (Not vulnerable in default configuration, minor issue) CVE-2007-2451 (Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES ...) - linux-2.6 2.6.21-3 [etch] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.20)