jmm-guest at alioth.debian.org
2007-Jul-04 19:32 UTC
[Secure-testing-commits] r6095 - data/CVE
Author: jmm-guest Date: 2007-07-04 19:32:36 +0000 (Wed, 04 Jul 2007) New Revision: 6095 Modified: data/CVE/list Log: new kernel issue glibc non-issue two new vlc CVE IDs iceape no-dsa Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-04 09:14:09 UTC (rev 6094) +++ data/CVE/list 2007-07-04 19:32:36 UTC (rev 6095) @@ -1,7 +1,7 @@ CVE-2007-3514 (Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows ...) TODO: check CVE-2007-3513 (The lcd_write function in drivers/usb/misc/usblcd.c in the Linux ...) - TODO: check + - linux-2.6 <unfixed> CVE-2007-3512 (Stack-based buffer overflow in Lhaca File Archiver before 1.22 allows ...) TODO: check CVE-2007-3511 (The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12 ...) @@ -10,8 +10,10 @@ RESERVED CVE-2007-3509 RESERVED -CVE-2007-3508 +CVE-2007-3508 [glibc hwcaps integer overflow] RESERVED + - glibc <unfixed> (unimportant) + NOTE: Not security-relevant CVE-2007-3507 (Stack-based buffer overflow in the local__vcentry_parse_value function ...) TODO: check CVE-2007-3506 (The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType ...) @@ -91,9 +93,9 @@ CVE-2007-3469 (Unspecified vulnerability in the TCP Loopback/Fusion implementation in ...) TODO: check CVE-2007-3468 (input.c in VideoLAN VLC Media Player before 0.8.6c allows remote ...) - TODO: check + - vlc 0.8.6.c.debian-1 (bug #429726) CVE-2007-3467 (Integer overflow in the __status_Update function in stats.c VideoLAN ...) - TODO: check + - vlc 0.8.6.c.debian-1 (bug #429726) CVE-2007-3466 RESERVED CVE-2007-3465 (Check Point SofaWare Safe at Office, with firmware before Embedded NGX ...) @@ -165,11 +167,11 @@ CVE-2007-3438 (Buffer overflow in the SIP header parsing module in the Nortel PC ...) NOT-FOR-US: Nortel PC Client SIP Soft Phone CVE-2007-3437 (AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote ...) - TODO: check + NOT-FOR-US: AOL Instant Messenger CVE-2007-3436 (Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to ...) NOT-FOR-US: Microsoft CVE-2007-3435 (Stack-based buffer overflow in the BeginPrint method in a certain ...) - TODO: check + NOT-FOR-US: BarCodeAx.dll CVE-2007-3434 (index.php in Pharmacy System 2 and earlier allows remote attackers to ...) NOT-FOR-US: Pharmacy System CVE-2007-3433 (SQL injection vulnerability in index.php in Pharmacy System 2 and ...) @@ -5746,6 +5748,7 @@ - iceweasel <unfixed> (low) [etch] - iceweasel <no-dsa> (Minor issue) - iceape <unfixed> (low) + [etch] - iceape <no-dsa> (Minor issue) NOTE: xulrunner by itself is not affeced, but other browsers based on xulrunner may be affected TODO: check epiphany, galeon and kazehakase CVE-2007-1083 (Buffer overflow in the Configuration Checker (ConfigChk) ActiveX ...)