stef-guest at alioth.debian.org
2007-Jul-21 06:38 UTC
[Secure-testing-commits] r6156 - data/CVE
Author: stef-guest Date: 2007-07-21 06:38:49 +0000 (Sat, 21 Jul 2007) New Revision: 6156 Modified: data/CVE/list Log: add bugnums, fixed: owl-dms, flac123 Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-19 17:01:57 UTC (rev 6155) +++ data/CVE/list 2007-07-21 06:38:49 UTC (rev 6156) @@ -783,7 +783,7 @@ - glibc 2.6-2 (unimportant; bug #431858) NOTE: Not security-relevant CVE-2007-3507 (Stack-based buffer overflow in the local__vcentry_parse_value function ...) - - flac123 <unfixed> (medium; bug #432008) + - flac123 0.0.11-1 (medium; bug #432008) CVE-2007-3506 (The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType ...) - freetype 2.3.4 (bug #432013) [sarge] - freetype <not-affected> (Vulnerable code introduced in 2.3.x) @@ -1462,7 +1462,7 @@ [etch] - flyspray <not-affected> (Vulnerable code not) [sarge] - flyspray <not-affected> (Vulnerable code not included) - moodle <not-affected> (Doesn''t affect moodle per maintainer) - - owl-dms <unfixed> (bug #429197) + - owl-dms 0.94-2 (bug #429197) - knowledgeroot 0.9.8.2-2 (bug #429196) [etch] - knowledgeroot <not-affected> (Vulnerable code not used) - ipplan 4.85-2 (bug #429193) @@ -4557,7 +4557,7 @@ {DSA-1312-1} - libapache-mod-jk 1:1.2.23-1 (bug #425836) CVE-2007-1859 (XScreenSaver 4.10, when using a remote directory service for ...) - - xscreensaver <unfixed> (low) + - xscreensaver <unfixed> (low; bug #433964) CVE-2007-1858 (The default SSL cipher configuration in Apache Tomcat 4.1.28 through ...) NOTE: insecure ciphers should not be (and usually are not) enabled in browsers [sarge] - tomcat4 <no-dsa> (low) 
@@ -5499,7 +5499,7 @@ CVE-2007-1474 (Argument injection vulnerability in the cleanup cron script in Horde ...) - horde3 3.1.3-4 (medium) CVE-2007-1473 (Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in ...) - - horde3 <unfixed> (low) + - horde3 <unfixed> (low; bug #434045) CVE-2007-1472 (Variable overwrite vulnerability in groupit/base/groupit.start.inc in ...) NOT-FOR-US: Groupit CVE-2007-1471 (admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass ...)
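Review bot: In the CVE-2007-3507 hunk (@@ -783), the flac123 line now carries the fixed version 0.0.11-1, but the entry has no [sarge] or [etch] line, unlike the freetype entry directly below it, which states its [sarge] status with a reason. If flac123 is shipped in a stable release, add the per-release line (for example a <not-affected> or <no-dsa> entry with a reason, as used elsewhere in this file) in the same commit, so the stable status is stated rather than implied.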
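Review bot: In the @@ -1462 hunk, the context line "[etch] - flyspray <not-affected> (Vulnerable code not)" has a cut-off reason, while the [sarge] line right after it reads "(Vulnerable code not included)". Since this commit already edits the same CVE entry for owl-dms, complete the [etch] reason to match the [sarge] one. The owl-dms line also has no urgency, where the flac123, xscreensaver and horde3 lines touched in this commit have one (medium, low, low); add it here if one has been assessed.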