Moritz Muehlenhoff
2007-Apr-04 20:16 UTC
[Secure-testing-commits] r5622 - in data: CVE DSA
Author: jmm-guest
Date: 2007-04-04 20:16:12 +0000 (Wed, 04 Apr 2007)
New Revision: 5622
Modified:
data/CVE/list
data/DSA/list
Log:
kdelibs non-issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-04-04 20:12:59 UTC (rev 5621)
+++ data/CVE/list 2007-04-04 20:16:12 UTC (rev 5622)
@@ -685,7 +685,6 @@
CVE-2007-1536 (Integer underflow in the file_printf function in the
"file" program ...)
{DSA-1274-1}
- file 4.20-1 (bug #415362; high)
- [etch] - file 4.17-5etch1 (high)
NOTE: Has got lots of reverse dependencies.
NOTE: Some of them process remotely supplied untrusted input.
CVE-2007-1535 (Microsoft Windows Vista establishes a Teredo address without
user ...)
@@ -1198,8 +1197,8 @@
CVE-2007-1309 (Novell Access Management 3 SSLVPN Server allows remote
authenticated ...)
NOT-FOR-US: Novell Access Management
CVE-2007-1308 (ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror
in KDE ...)
- - kdelibs <unfixed> (low)
- NOTE: this is a straight crash, I''m not sure it should even be
considered "low"
+ - kdelibs <unfixed> (unimportant)
+ NOTE: Browser crashes not treated as security problems
CVE-2007-1307 (Unspecified vulnerability in Lenovo Intel PRO/1000 LAN adapter
before ...)
NOT-FOR-US: Microsoft Windows Driver for Intel PRO/1000 LAN
CVE-2007-1306 (Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote
...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2007-04-04 20:12:59 UTC (rev 5621)
+++ data/DSA/list 2007-04-04 20:16:12 UTC (rev 5622)
@@ -8,6 +8,7 @@
[02 Apr 2007] DSA-1274-1 file - buffer overflow
{CVE-2007-1536}
[sarge] - file 4.12-1sarge1
+ [etch] - file 4.17-5etch1
[27 Mar 2007] DSA-1273-1 nas - several vulnerabilities
{CVE-2007-1543 CVE-2007-1544 CVE-2007-1545 CVE-2007-1546 CVE-2007-1547}
[sarge] - nas 1.7-2sarge1