joeyh at alioth.debian.org
2007-Aug-16 21:14 UTC
[Secure-testing-commits] r6343 - data/CVE
Author: joeyh
Date: 2007-08-16 21:14:08 +0000 (Thu, 16 Aug 2007)
New Revision: 6343
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================
--- data/CVE/list 2007-08-16 20:58:17 UTC (rev 6342)
+++ data/CVE/list 2007-08-16 21:14:08 UTC (rev 6343)
@@ -699,7 +699,7 @@
CVE-2007-4042 (Multiple argument injection vulnerabilities in Netscape
Navigator 9 ...)
NOT-FOR-US: Netscape Navigator
CVE-2007-4041 (Multiple argument injection vulnerabilities in Mozilla Firefox
2.0.0.5 ...)
- {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1}
+ {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1}
- iceweasel 2.0.0.6-1
CVE-2007-4040 (Argument injection vulnerability involving Microsoft Outlook and
...)
NOT-FOR-US: Micrsoft Outlook
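Review bot: CVE-2007-4041 now cross-references six advisories, but its only package line is "- iceweasel 2.0.0.6-1", with no urgency. If DTSA-52-1 and DTSA-53-1 cover other source packages, add a line for each so the new references map to a recorded version. Separately, the context line "NOT-FOR-US: Micrsoft Outlook" under CVE-2007-4040 misspells Microsoft and could be corrected in the same file.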
@@ -1094,25 +1094,27 @@
CVE-2007-3852 (The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6
creates ...)
TODO: check
CVE-2007-3851 (The drm/i915 component in the Linux kernel before 2.6.22.2, when
used ...)
+ {DSA-1356-1}
TODO: check
CVE-2007-3850
RESERVED
CVE-2007-3849
RESERVED
CVE-2007-3848 (Linux kernel 2.4.35 and other versions allows local users to
send ...)
+ {DSA-1356-1}
TODO: check
CVE-2007-3847
RESERVED
CVE-2007-3846
RESERVED
CVE-2007-3845 (Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and
2.x ...)
- {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1}
+ {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1}
- iceweasel 2.0.0.6-1 (medium)
- xulrunner 1.8.1.6-1 (medium)
- iceape 1.1.3-2 (medium)
- icedove <unfixed> (medium)
CVE-2007-3844 (Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before
1.5.0.13, and ...)
- {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1}
+ {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1}
- iceweasel 2.0.0.6-1 (medium)
- xulrunner 1.8.1.6-1 (medium)
- iceape 1.1.3-2 (medium)
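Review bot: CVE-2007-3851 and CVE-2007-3848 gain {DSA-1356-1} while their only status line is still "TODO: check", so both entries point at an advisory but name no package or fixed version. Replace the TODO with a linux-2.6 package line, as the other DSA-1356-1 entries in this commit have. In the same hunk, CVE-2007-3845 picks up DTSA-52-1 and DTSA-53-1 while "- icedove <unfixed> (medium)" remains; confirm that status is still accurate.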
@@ -1580,6 +1582,7 @@
CVE-2007-3643 (admin/index.php in AV Arcade 2.1b grants administrative
privileges ...)
NOT-FOR-US: AV Arcade
CVE-2007-3642 (The decode_choice function in
net/netfilter/nf_conntrack_h323_asn1.c ...)
+ {DSA-1356-1}
- linux-2.6 2.6.22-2
CVE-2007-3641 (archive_read_support_format_tar.c in libarchive before 2.2.4
does not ...)
- libarchive 2.2.4-1 (bug #432924; low)
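Review bot: the "- linux-2.6 2.6.22-2" line under CVE-2007-3642 carries no urgency, unlike the libarchive line just below it, which records "(bug #432924; low)". With {DSA-1356-1} now attached, add an urgency so the entry can be prioritised alongside the others.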
@@ -1885,6 +1888,7 @@
CVE-2007-3514 (Cross-domain vulnerability in Apple Safari for Windows 3.0.2
allows ...)
NOT-FOR-US: Apple Safari
CVE-2007-3513 (The lcd_write function in drivers/usb/misc/usblcd.c in the Linux
...)
+ {DSA-1356-1}
- linux-2.6 <unfixed>
CVE-2007-3512 (Stack-based buffer overflow in Lhaca File Archiver before 1.22
allows ...)
NOT-FOR-US: Lhaca
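Review bot: CVE-2007-3513 is tagged {DSA-1356-1} while its package line stays "- linux-2.6 <unfixed>" with no urgency. Check whether there is now a fixed version to record; if not, add an urgency so the open entry gets triaged.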
@@ -3380,6 +3384,7 @@
CVE-2007-2877 (Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before
8.5a6 ...)
NOTE: Not a security issue; Windows-only anyway.
CVE-2007-2876 (The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2)
...)
+ {DSA-1356-1}
- linux-2.6 2.6.21-5 (medium)
CVE-2007-2875 (Integer underflow in the cpuset_tasks_read function in the Linux
...)
- linux-2.6 2.6.21-5 (medium)
@@ -4202,6 +4207,7 @@
CVE-2007-2526 (Heap-based buffer overflow in the ConnectAsyncEx function in VNC
...)
NOT-FOR-US: VNC Viewer ActiveX control
CVE-2007-2525 (Memory leak in the PPP over Ethernet (PPPoE) socket
implementation in ...)
+ {DSA-1356-1}
- linux-2.6 <unfixed>
CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in OTRS
(Open ...)
{DSA-1298-1}
@@ -4369,6 +4375,7 @@
CVE-2007-2454 (Heap-based buffer overflow in the VGA device in Parallels allows
local ...)
NOT-FOR-US: Parallels
CVE-2007-2453 (The random number feature in Linux kernel 2.6 before 2.6.20.13,
and ...)
+ {DSA-1356-1}
- linux-2.6 2.6.21-5 (low)
CVE-2007-2452 (Heap-based buffer overflow in the visit_old_format function in
...)
- findutils 4.2.31-1 (low; bug #426862)
@@ -5023,6 +5030,7 @@
CVE-2007-2173 (Eval injection vulnerability in (1) courier-imapd.indirect and
(2) ...)
NOT-FOR-US: Gentoo''s packaging of courier
CVE-2007-2172 (A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before
2.4.35 ...)
+ {DSA-1356-1}
- linux-2.6 <unfixed> (medium)
CVE-2007-2171 (Stack-based buffer overflow in the base64_decode function in
...)
NOT-FOR-US: Novell GroupWise
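Review bot: CVE-2007-2172 keeps "- linux-2.6 <unfixed> (medium)" after {DSA-1356-1} is added, which is the highest urgency among the kernel entries this commit leaves unfixed; it deserves a NOTE line saying what is still outstanding. The context line "NOT-FOR-US: Gentoo''s packaging of courier" also has a doubled apostrophe that should be a single one.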
@@ -6991,6 +6999,7 @@
CVE-2007-1354 (The Access Control functionality (JMXOpsAccessControlFilter) in
JMX ...)
NOT-FOR-US: JBoss Application Server
CVE-2007-1353 (The setsockopt function in the L2CAP and HCI Bluetooth support
in the ...)
+ {DSA-1356-1}
- linux-2.6 <unfixed> (low)
CVE-2007-1352 (Integer overflow in the FontFileInitTable function in X.Org
libXfont ...)
{DSA-1294-1}