Author: stef-guest Date: 2006-09-25 18:19:51 +0000 (Mon, 25 Sep 2006) New Revision: 4764 Modified: data/CVE/list Log: - CVE-2006-4799, -4800: Already fixed in some packages, other packages embedding ffmpeg code still need to be checked. - libmodplug fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-09-25 09:14:29 UTC (rev 4763) +++ data/CVE/list 2006-09-25 18:19:51 UTC (rev 4764) @@ -363,9 +363,13 @@ CVE-2006-4801 (Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and ...) NOT-FOR-US: Roxio Toast CVE-2006-4800 (Multiple buffer overflows in libavcodec in ffmpeg before ...) - TODO: check + - ffmpeg 0.cvs20060329-1 + NOTE: fixed in sid+etch according to jmm + TODO: check other packages embedding ffmpeg code CVE-2006-4799 (Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow ...) - TODO: check + - xine-lib 1.1.2-1 + NOTE: according to the changelog, libxine (starting from 1.1.2-4) links dynamically against ffmpeg + TODO: check ffmpeg CVE-2006-4798 (SQL-Ledger before 2.4.4 stores a password in a query string, which ...) - sql-ledger 2.4.5-1 CVE-2006-4797 (Cross-site scripting (XSS) vulnerability in tag.php in CloudNine ...) @@ -1755,7 +1759,7 @@ CVE-2006-4193 (Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows ...) NOT-FOR-US: MS IE CVE-2006-4192 (Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and ...) - - libmodplug <unfixed> (medium; bug #383574) + - libmodplug 1:0.7-5.2 (medium; bug #383574) CVE-2006-4191 (Directory traversal vulnerability in memcp.php in XMB (Extreme Message ...) NOT-FOR-US: XMB CVE-2006-4190 (Directory traversal vulnerability in autohtml.php in the AutoHTML ...)