jmm-guest at alioth.debian.org
2007-Jul-18 22:01 UTC
[Secure-testing-commits] r6150 - data/CVE
Author: jmm-guest
Date: 2007-07-18 22:01:03 +0000 (Wed, 18 Jul 2007)
New Revision: 6150
Modified: data/CVE/list
Log:
silc doesn't affect etch
no-dsas for minor browser issues
mutt no-dsa, might come through s-p-u

Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-18 21:56:57 UTC (rev 6149) +++ data/CVE/list 2007-07-18 22:01:03 UTC (rev 6150) @@ -543,6 +543,7 @@ TODO: check CVE-2007-XXXX [silc-toolkit several buffer overflows] - silc-toolkit 1.1.2-1 + [etch] - silc-toolkit <not-affected> (Only the 1.1.x branch is affected) NOTE: http://silcnet.org/docs/changelog/SILC Toolkit 1.1.2 CVE-2007-XXXX [silc-client several buffer overflows] - silc-client 1.1.2-1 @@ -858,8 +859,10 @@ NOT-FOR-US: Lhaca CVE-2007-3374 (Buffer overflow in cluster/cman/daemon/daemon.c in cman ...) - redhat-cluster <unfixed> (medium) + TODO: File bug CVE-2007-3373 (daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear ...) - redhat-cluster <unfixed> (low) + TODO: File bug CVE-2006-7209 (Multiple cross-site scripting (XSS) vulnerabilities in phpTrafficA ...) NOT-FOR-US: phpTrafficA CVE-2006-7208 (PHP remote file inclusion vulnerability in download.php in the Adam ...) 
@@ -1397,15 +1400,21 @@ NOT-FOR-US: Zen Help Desk CVE-2007-3145 (Visual truncation vulnerability in Galeon 2.0.1 allows remote ...) - galeon <unfixed> (low; bug #429216) + [sarge] - galeon <no-dsa> (Minor issue) + [etch] - galeon <no-dsa> (Minor issue) CVE-2007-3144 (Visual truncation vulnerability in Mozilla 1.7.12 allows remote ...) - iceweasel <unfixed> (low) [etch] - iceweasel <no-dsa> (Minor issue) - iceape <unfixed> (low) + [etch] - iceape <no-dsa> (Minor issue) - firefox <removed> (low) - mozilla <removed> (low) - xulrunner <unfixed> (low) + [etch] - xulrunner <no-dsa> (Minor issue) CVE-2007-3143 (Visual truncation vulnerability in Konqueror 3.5.5 allows remote ...) - kdebase <unfixed> (low) + [sarge] - kdebase <no-dsa> (Minor issue) + [etch] - kdebase <no-dsa> (Minor issue) CVE-2007-3142 (Visual truncation vulnerability in Opera 9.21 allows remote attackers ...) NOT-FOR-US: Opera CVE-2007-3141 (PHP remote file inclusion vulnerability in core/editor.php in ...) @@ -2484,6 +2493,8 @@ NOT-FOR-US: Jetbox CMS CVE-2007-2683 (Buffer overflow in Mutt 1.4.2 might allow local users to execute ...) - mutt 1.5.15+20070608-1 (low; bug #426116) + [etch] - mutt <no-dsa> (Minor issue, hardly exploitable) + [sarge] - mutt <no-dsa> (Minor issue, hardly exploitable) CVE-2007-2682 (The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as ...) NOT-FOR-US: Adobe CVE-2007-2681 (Directory traversal vulnerability in blogs/index.php in b2evolution ...) @@ -4740,7 +4751,7 @@ CVE-2007-1694 RESERVED CVE-2007-1693 (The SIP channel module in Yet Another Telephony Engine (Yate) before ...) - - yate 1.2.0-1.dfsg-1 (medium; bug #421994) + - yate 1.2.0-1.dfsg-1 (low; bug #421994) CVE-2007-1692 (The default configuration of Microsoft Windows uses the Web Proxy ...) NOT-FOR-US: Microsoft CVE-2007-1691 (Stack-based buffer overflow in Second Sight Software ActiveMod ActiveX ...)
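Review bot: In the hunk at -543, the silc-client entry in the trailing context still carries only `- silc-client 1.1.2-1`, while the log says silc does not affect etch. If the "only the 1.1.x branch is affected" reasoning holds for the client as well, it should get a matching `[etch] - silc-client <not-affected> (...)` line in this commit, unless one already sits below the context shown here.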
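Review bot: The two `TODO: File bug` lines in the hunk at -858 leave both redhat-cluster entries as `<unfixed>` with no bug reference and no per-release annotation, and nothing in the log mentions them. CVE-2007-3374 and CVE-2007-3373 are both described as being in cman's daemon.c, so one report covering both would do; once it is filed, drop the TODOs and record the number inside the parentheses the way the galeon entry does with `bug #429216`.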
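Review bot: The release coverage in the hunk at -1397 is uneven: CVE-2007-3145 (galeon) and CVE-2007-3143 (kdebase) get both `[sarge]` and `[etch]` no-dsa lines, but under CVE-2007-3144 only `[etch]` lines are added for iceape and xulrunner, and the `- firefox <removed>` and `- mozilla <removed>` lines carry no `[sarge]` annotation at all. Please confirm that is intentional; if the same "Minor issue" decision applies to the sarge packages, add the `[sarge] - ... <no-dsa>` lines so the entry does not keep showing as open for that release.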
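Review bot: In the hunk at -2484, the log says the mutt fix "might come through s-p-u", but the two added lines only say "Minor issue, hardly exploitable", so that intent is lost to anyone reading data/CVE/list alone. Consider putting it in the parenthesised reason or a `NOTE:` line under CVE-2007-2683. Minor style point: this hunk lists `[etch]` before `[sarge]`, while the galeon and kdebase entries added in the same commit list `[sarge]` first; pick one order.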
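Review bot: The yate change in the hunk at -4740 lowers the urgency of CVE-2007-1693 from `medium` to `low` without any stated reason: the log message covers silc, the browser issues and mutt, but not yate. A severity downgrade on a fixed entry is easy to miss later, so please add a short `NOTE:` under the entry (or a line in the log) saying why it was downgraded.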