joeyh at alioth.debian.org
2007-Aug-11 21:14 UTC
[Secure-testing-commits] r6278 - data/CVE
Author: joeyh
Date: 2007-08-11 21:14:08 +0000 (Sat, 11 Aug 2007)
New Revision: 6278
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-08-11 18:36:41 UTC (rev 6277)
+++ data/CVE/list 2007-08-11 21:14:08 UTC (rev 6278)
@@ -967,6 +967,7 @@
CVE-2007-3799 (The session_start function in ext/session in PHP 4.x up to 4.4.7
and ...)
TODO: check
CVE-2007-3798 (Integer overflow in print-bgp.c in the BGP dissector in tcpdump
3.9.6 ...)
+ {DSA-1353-1}
- tcpdump 3.9.5-3 (bug #434030)
CVE-2007-3797
RESERVED
@@ -1913,7 +1914,7 @@
- qt4-x11 4.3.0-5
NOTE: there is some dissagreement whether qt4 is affected
CVE-2007-3387 (Integer overflow in the StreamPredictor::StreamPredictor
function in ...)
- {DSA-1350-1 DSA-1349-1 DSA-1348-1 DSA-1347-1 DTSA-49-1 DTSA-50-1}
+ {DSA-1352-1 DSA-1350-1 DSA-1349-1 DSA-1348-1 DSA-1347-1 DTSA-49-1 DTSA-50-1}
- poppler 0.5.4-6.1 (bug #435460)
- gpdf <removed>
- xpdf 3.02-1.1 (bug #435462)
@@ -3083,6 +3084,7 @@
CVE-2007-2894 (The emulated floppy disk controller in Bochs 2.3 allows local
users of ...)
- bochs <unfixed> (unimportant)
CVE-2007-2893 (Heap-based buffer overflow in the bx_ne2k_c::rx_frame function
in ...)
+ {DSA-1351-1}
- bochs 2.3+20070705-1 (low; bug #427144)
CVE-2007-2892 (Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke
2.0.7 ...)
NOT-FOR-US: ASP-Nuke