jmm-guest at alioth.debian.org
2007-Aug-14 21:33 UTC
[Secure-testing-commits] r6307 - data/CVE
Author: jmm-guest
Date: 2007-08-14 21:33:42 +0000 (Tue, 14 Aug 2007)
New Revision: 6307
Modified:
data/CVE/list
Log:
gftp not treated as a security problem
as usual non-free is not supported
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-08-14 20:00:18 UTC (rev 6306)
+++ data/CVE/list 2007-08-14 21:33:42 UTC (rev 6307)
@@ -821,7 +821,8 @@
CVE-2007-3871
RESERVED
CVE-2006-7221 (Multiple off-by-one errors in fsplib.c in fsplib before 0.8
allow ...)
- - gftp <unfixed> (low; bug #437710)
+ - gftp <unfixed> (unimportant; bug #437710)
+ NOTE: Only a crasher, w/o security impact for a client application like gftp
CVE-2007-XXXX [dokuwiki XSS in spellchecker]
- dokuwiki 0.0.20070626b-1 (unimportant; bug #434134)
NOTE: IE browser bug are not treated as security issues in packages
applications
@@ -1168,7 +1169,9 @@
NOT-FOR-US: WebMatic
CVE-2007-3726 (Integer signedness error in the SET_VALUE function in rarvm.cpp
in ...)
- unrar-nonfree <unfixed> (low; bug #437703)
+ [etch] - unrar-nonfree <no-dsa> (Non-free not supported)
- rar <unfixed> (low; bug #437704)
+ [etch] - rar <no-dsa> (Non-free not supported)
CVE-2007-3725 (The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91
allows ...)
{DSA-1340-1 DTSA-43-1}
- clamav 0.91-1
@@ -1321,6 +1324,7 @@
- xulrunner 1.8.1.5-1 (high)
CVE-2007-3655 (Stack-based buffer overflow in javaws.exe in Sun Java Web Start
in JRE ...)
- sun-java5 1.5.0-12-1
+ [etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-02-1
CVE-2007-3654
RESERVED