joeyh at alioth.debian.org
2007-Aug-05 21:14 UTC
[Secure-testing-commits] r6243 - data/CVE
Author: joeyh
Date: 2007-08-05 21:14:09 +0000 (Sun, 05 Aug 2007)
New Revision: 6243
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-08-05 19:13:30 UTC (rev 6242)
+++ data/CVE/list 2007-08-05 21:14:09 UTC (rev 6243)
@@ -161,6 +161,7 @@
CVE-2007-4042 (Multiple argument injection vulnerabilities in Netscape
Navigator 9 ...)
NOT-FOR-US: Netscape Navigator
CVE-2007-4041 (Multiple argument injection vulnerabilities in Mozilla Firefox
2.0.0.5 ...)
+ {DSA-1346-1 DSA-1345-1 DSA-1344-1}
- iceweasel 2.0.0.6-1
CVE-2007-4040 (Argument injection vulnerability involving Microsoft Outlook and
...)
NOT-FOR-US: Micrsoft Outlook
@@ -566,12 +567,14 @@
RESERVED
CVE-2007-3845 [firefox external URI handler escaping vulnerability]
RESERVED
+ {DSA-1346-1 DSA-1345-1 DSA-1344-1}
- iceweasel 2.0.0.6-1 (medium)
- xulrunner 1.8.1.6-1 (medium)
- iceape 1.1.3-2 (medium)
- icedove <unfixed> (medium)
CVE-2007-3844 [firefox about:blank regression]
RESERVED
+ {DSA-1346-1 DSA-1345-1 DSA-1344-1}
- iceweasel 2.0.0.6-1 (medium)
- xulrunner 1.8.1.6-1 (medium)
- iceape 1.1.3-2 (medium)
@@ -1612,6 +1615,7 @@
- qt4-x11 4.3.0-5
NOTE: there is some dissagreement whether qt4 is affected
CVE-2007-3387 (Integer overflow in the StreamPredictor::StreamPredictor
function in ...)
+ {DSA-1348-1 DSA-1347-1}
- poppler <unfixed> (bug #435460)
- gpdf <removed>
- xpdf <unfixed> (bug #435462)
@@ -2318,6 +2322,7 @@
CVE-2007-3104 (The sysfs_readdir function in the Linux kernel in Red Hat
Enterprise ...)
- linux-2.6 <unfixed>
CVE-2007-3103 (The init.d script for the X.Org X11 xfs font server on Red Hat
...)
+ {DSA-1342-1}
- xfs 1:1.0.4-2
CVE-2007-3102
RESERVED
@@ -3020,6 +3025,7 @@
CVE-2007-2800 (index.php in eTicket 1.5.5.1 and earlier allows remote attackers
to ...)
NOT-FOR-US: eTicket
CVE-2007-2799 (Integer overflow in the "file" program 4.20,
when running on 32-bit ...)
+ {DSA-1343-1}
- file 4.21-1 (medium)
CVE-2007-2798 (Stack-based buffer overflow in the rename_principal_2_svc
function in ...)
{DSA-1323-1}