Author: enerv-guest Date: 2007-01-16 18:49:21 +0100 (Tue, 16 Jan 2007) New Revision: 5272 Modified: data/CVE/list Log: update libgtop2 issue. update squid notes. Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-01-16 14:20:10 UTC (rev 5271) +++ data/CVE/list 2007-01-16 17:49:21 UTC (rev 5272) @@ -1,9 +1,14 @@ CVE-2007-XXXX [Denial of Service Vulnerabilities] - squid 2.6.5-3 (low) TODO: check if version 2.5.9-10sarge2 have comprimised code. + NOTE: reference - http://secunia.com/advisories/23767/ CVE-2007-XXXX [libgtop2 "glibtop_get_proc_map_s()" Buffer Overflow] - - libgtop2 (medium) - NOTE: All version prior 2.14.6 is vulnerable. + - libgtop2 2.14.4-3 <not-affected> + [etch] - libgtop2 2.14.4-2 (medium) + [sarge] - libgtop 2.6.0-4 (medium) + NOTE: sarge - libgtop2 2.6.0-4 sent patch to secure team. + NOTE: etch - libgtop2 2.14.4-2 waiting migrate unstable to testing + NOTE: sid - libgtop2 2.14.4-3 fixed CVE-2007-XXXX [bcfg2 password disclosure] - bcfg2 0.8.7.3-1 (low; bug #406285) CVE-2007-XXXX [mysql 5.0 several DoS vulns]