Author: jmm-guest
Date: 2005-12-06 09:45:47 +0000 (Tue, 06 Dec 2005)
New Revision: 2947
Modified:
data/CVE/list
Log:
two new issues in ffmpeg and xine-lib
update on older kernel issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2005-12-06 00:04:14 UTC (rev 2946)
+++ data/CVE/list 2005-12-06 09:45:47 UTC (rev 2947)
@@ -1,3 +1,6 @@
+CVE-2005-XXXX [libavcodec: heap overflow in PIX_FMT_PAL8]
+ - ffmpeg <unfixed> (bug filed; medium)
+ - xine-lib <unfixed> (bug filed; medium)
CVE-2005-XXXX [trac: SQL injection in search module]
- trac 0.9.2-1 (medium)
CVE-2005-4007 (Multiple unspecified vulnerabilities in SAPID CMS before
1.2.3.03, ...)
@@ -18585,7 +18588,9 @@
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the
archive; 2.4.22-pre10)
CVE-2003-0461 (/proc/tty/driver/serial in Linux 2.4.x reveals the exact number
of ...)
{DSA-423 DSA-358}
- TODO: Check, see http://www.ultramonkey.org/bugs/cve/CAN-2003-0461.shtml
+ [sarge] - kernel-source-2.6.8 <not-affected> (Fixed before upload into
archive; 2.6.1)
+ - linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.1)
+ - kernel-source-2.4.27 2.4.27-1
CVE-2003-0460 (The rotatelogs program on Apache before 1.3.28, for Windows and
OS/2 ...)
NOT-FOR-US: apache for win and os/2
CVE-2003-0459 (KDE Konqueror for KDE 3.1.2 and earlier does not remove
authentication ...)