Author: jmm-guest Date: 2007-05-08 21:59:17 +0000 (Tue, 08 May 2007) New Revision: 5808 Modified: data/CVE/list Log: checked one old xine issue minor tcc codegen issue fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-08 18:04:52 UTC (rev 5807) +++ data/CVE/list 2007-05-08 21:59:17 UTC (rev 5808) @@ -5557,7 +5557,8 @@ CVE-2007-0256 (VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of ...) - vlc <unfixed> (unimportant; bug #407290) CVE-2007-0255 (XINE 0.99.4 allows user-assisted remote attackers to cause a denial of ...) - - xine-ui <unfixed> (low) + NOTE: I''ve been looking into this, but I can''t find a copy of the VLC code anywhere + NOTE: This appears to be a generic crash CVE-2007-0254 (Format string vulnerability in the errors_create_window function in ...) - xine-ui 0.99.4+dfsg+cvs20061111-2 (low; bug #407369) CVE-2007-0253 (** DISPUTED ** ...) @@ -20781,10 +20782,9 @@ CVE-2006-0636 (desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the ...) NOT-FOR-US: eyeOS CVE-2006-0635 (Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the ...) - - tcc 0.9.23-3 (bug #352202; low) + - tcc 0.9.24~cvs20070502-1 (bug #352202; low) [sarge] - tcc <no-dsa> (Only incorrect code gen, hardly any production use) - NOTE: Proper protection against integer overflows still need to be done inside - NOTE: the application compiled with TCC, the version above documents the behaviour + [etch] - tcc <no-dsa> (Documented as insecure; only incorrect code gen, hardly any production use) CVE-2006-0634 (Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition ...) NOT-FOR-US: Borland C++Builder CVE-2006-0633 (The make_password function in ipsclass.php in Invision Power Board ...)