jmm-guest at alioth.debian.org
2007-May-17 19:31 UTC
[Secure-testing-commits] r5872 - in data: CVE DSA
Author: jmm-guest
Date: 2007-05-17 19:31:16 +0000 (Thu, 17 May 2007)
New Revision: 5872
Modified:
data/CVE/list
data/DSA/list
Log:
quagga DSA
libpng crasher not treated as a security problem
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-05-17 19:10:43 UTC (rev 5871)
+++ data/CVE/list 2007-05-17 19:31:16 UTC (rev 5872)
@@ -569,8 +569,9 @@
- samba 3.0.25-1 (high)
CVE-2007-2445 [libpng tRNS Chunk Denial of Service]
RESERVED
- - libpng 1.2.15~beta5-2
- - libpng3 <unfixed>
+ - libpng 1.2.15~beta5-2 (unimportant)
+ - libpng3 <unfixed> (unimportant)
+ NOTE: Only a crash, no code injection. Calling this DoS stretches things
rather far
CVE-2007-2444 (Logic error in the SID/Name translation functionality in smbd in
Samba ...)
{DSA-1291-2}
- samba 3.0.25-1
Modified: data/DSA/list
==================================================================---
data/DSA/list 2007-05-17 19:10:43 UTC (rev 5871)
+++ data/DSA/list 2007-05-17 19:31:16 UTC (rev 5872)
@@ -1,3 +1,7 @@
+[17 May 2007] DSA-1293-1 quagga
+ {CVE-2007-1995}
+ [sarge] - 0.98.3-7.4
+ [etch] - 0.99.5-5etch2
[15 May 2007] DSA-1292-1 qt4-x11
{CVE-2007-0242}
[etch] - qt4-x11 4.2.1-2etch1