Author: jmm-guest Date: 2007-05-10 16:03:40 +0000 (Thu, 10 May 2007) New Revision: 5817 Modified: data/CVE/list Log: sarge/etch not-affected by recent bind issue no-dsa for java Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-10 15:01:43 UTC (rev 5816) +++ data/CVE/list 2007-05-10 16:03:40 UTC (rev 5817) @@ -319,6 +319,7 @@ NOTE: Duplicate of CVE-2007-1861 CVE-2007-2435 (Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java ...) - sun-java5 1.5.0-11-1 (medium; bug #423062) + [etch] - sun-java5 <no-dsa> (Non-free not supported) CVE-2007-2434 (Buffer overflow in asnsp.dll in Aventail Connect 4.1.2.13 allows ...) NOT-FOR-US: Aventail Connect CVE-2007-2433 (Cross-site scripting (XSS) vulnerability in index.php in Ariadne 2.4.1 ...) @@ -741,7 +742,9 @@ NOTE: This should be off by default, tweakable by a simple knob. NOTE: (FreeBSD has it turned on for hosts, too.) CVE-2007-2241 (Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 ...) - - bind9 9.4.1-1 (medium) + - bind9 1:9.4.1-1 (medium) + [etch] - bind9 <not-affected> (Only 9.4/9.5 branches affected) + [sarge] - bind9 <not-affected> (Only 9.4/9.5 branches affected) CVE-2007-2240 RESERVED CVE-2007-2239 (Stack-based buffer overflow in the SaveBMP method in the AXIS Camera ...)