jmm-guest at alioth.debian.org
2007-Aug-17 17:59 UTC
[Secure-testing-commits] r6350 - in data: CVE DSA
Author: jmm-guest
Date: 2007-08-17 17:59:55 +0000 (Fri, 17 Aug 2007)
New Revision: 6350
Modified:
data/CVE/list
data/DSA/list
Log:
add kernel fixes from stable kernel update
knowledgetree still in oldstable
kfreebsd not supported
remove duped kernel entry, the correct CVE is -2007-
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-08-17 14:21:40 UTC (rev 6349)
+++ data/CVE/list 2007-08-17 17:59:55 UTC (rev 6350)
@@ -188,7 +188,7 @@
- serendipity 1.1.4-1
[etch] - serendipity <not-affected> (introduced in 1.1.x)
CVE-2007-4281 (Cross-site scripting (XSS) vulnerability in KnowledgeTree Open
Source ...)
- NOT-FOR-US: KnowledgeTree
+ - knowledgetree <removed>
CVE-2007-4279 (PHP remote file inclusion vulnerability in config.php in ...)
NOT-FOR-US: FrontAccounting
CVE-2007-4278 (Stack-based buffer overflow in ESRI ArcSDE service 9.2, as used
with ...)
@@ -1413,8 +1413,10 @@
NOT-FOR-US: Solaris
CVE-2007-3722 (The 4BSD process scheduler in the FreeBSD kernel performs
scheduling ...)
- kfreebsd-5 <unfixed> (low)
+ [etch] - kfreebsd-5 <no-dsa> (kfreebsd not supported)
CVE-2007-3721 (The ULE process scheduler in the FreeBSD kernel gives preference
to ...)
- kfreebsd-5 <unfixed> (low)
+ [etch] - kfreebsd-5 <no-dsa> (kfreebsd not supported)
CVE-2007-3720 (The process scheduler in the Linux kernel 2.4 performs
scheduling ...)
TODO: check
CVE-2007-3719 (The process scheduler in the Linux kernel 2.6.16 gives
preference to ...)
@@ -18135,9 +18137,8 @@
RESERVED
CVE-2006-3643 (Cross-site scripting (XSS) vulnerability in Internet Explorer
5.01 and ...)
NOT-FOR-US: Microsoft
-CVE-2006-3642 [h323 conntrack remote DoS]
+CVE-2006-3642
RESERVED
- - linux-2.6 2.6.21-6 (medium)
CVE-2006-3641
RESERVED
CVE-2006-3640 (Microsoft Internet Explorer 5.01 and 6 allows certain script to
...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2007-08-17 14:21:40 UTC (rev 6349)
+++ data/DSA/list 2007-08-17 17:59:55 UTC (rev 6350)
@@ -1,6 +1,7 @@
[15 Aug 2007] DSA-1356-1 linux-2.6 - several vulnerabilities
- {CVE-2007-1353 CVE-2007-2172 CVE-2007-2453 CVE-2007-2525 CVE-2007-2876
CVE-2007-3513 CVE-2007-3642 CVE-2007-3848 CVE-2007-3851}
+ {CVE-2007-1353 CVE-2007-2172 CVE-2007-2453 CVE-2007-2525 CVE-2007-2876
CVE-2007-3513 CVE-2007-3642 CVE-2007-3848 CVE-2007-3851 CVE-2007-2242
CVE-2006-5753}
[etch] - linux-2.6 2.6.18.dfsg.1-13etch1
+ NOTE: The above entry includes fixes pulled in through -13 in 4.0r1
[13 Aug 2007] DSA-1355-1 kdegraphics - integer overflow
{CVE-2007-3387}
[sarge] - kdegraphics 4:3.3.2-2sarge5