Author: stef-guest Date: 2007-02-17 11:37:11 +0100 (Sat, 17 Feb 2007) New Revision: 5466 Modified: data/CVE/list Log: twiki, amarok, stlport5 fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-02-16 23:20:05 UTC (rev 5465) +++ data/CVE/list 2007-02-17 10:37:11 UTC (rev 5466) @@ -200,7 +200,7 @@ RESERVED CVE-2007-0896 (Cross-site scripting (XSS) vulnerability in the (1) Sage before ...) - firefox-sage 1.3.10-1 -CVE-2007-0451 +CVE-2007-0451 [DoS in spamassassin URI parsing causes SA to enter loop eating all RAM] RESERVED - spamassassin 3.1.7-2 (bug #410843) NOTE: http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5318 @@ -466,7 +466,7 @@ CVE-2007-0804 (Directory traversal vulnerability in admin/subpages.php in GGCMS 1.1.0 ...) NOT-FOR-US: GGCMS CVE-2007-0803 (Multiple buffer overflows in STLport before 5.0.3 allow remote ...) - - stlport5 <unfixed> (bug #410864; low) + - stlport5 5.0.3-1 (bug #410864; low) CVE-2007-0802 (Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing ...) - iceweasel <unfixed> (low) CVE-2007-0801 (The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox ...) @@ -541,8 +541,7 @@ CVE-2006-6981 (3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows ...) NOT-FOR-US: 3proxy CVE-2006-6980 (The magnatune.com album browser in Amarok allows attackers to cause a ...) - TODO: check - NOTE: This seems to only be a crash. Needs further investigation. + - amarok 1.4.4-3 (bug #410850) CVE-2006-6979 (The ruby handlers in Amarok do not properly quote text in certain ...) - amarok <unfixed> (bug #410850; medium) CVE-2006-6978 (Cross-site scripting (XSS) vulnerability in the "Basic Toolbar ...) @@ -783,7 +782,7 @@ CVE-2007-0670 (Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local ...) NOT-FOR-US: IBM AIX CVE-2007-0669 (Unspecified vulnerability in Twiki 4.0.0 through 4.1.0 allows local ...) - - twiki <unfixed> (bug #410256) + - twiki 1:4.0.5-9 (bug #410256) CVE-2007-0668 (The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in ...) NOT-FOR-US: Sun Solaris. CVE-2007-0667 (The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and ...)