thr3ads.net - Secure testing commits - [Secure-testing-commits] r6786

If this information is useful, please help other people find it:
Share via:

nion at alioth.debian.org

2007-Oct-04 00:29 UTC

[Secure-testing-commits] r6786 - data/CVE

Author: nion
Date: 2007-10-04 00:29:45 +0000 (Thu, 04 Oct 2007)
New Revision: 6786

Modified:
   data/CVE/list
Log:
fixed inconsistencies reported by Fransesco Poli

Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-10-03 23:08:13 UTC (rev 6785)
+++ data/CVE/list	2007-10-04 00:29:45 UTC (rev 6786)
@@ -119,6 +119,7 @@
 CVE-2007-5135 (Off-by-one error in the SSL_get_shared_ciphers function in
OpenSSL ...)
 	{DSA-1379-1}
 	- openssl 0.9.8e-9 (low; bug #444435)
+	[sarge] - openssl 0.9.7e-3sarge5
 CVE-2007-5115 (Multiple PHP remote file inclusion vulnerabilities in Ekke
Doerre ...)
 	NOT-FOR-US: Ekke Doerre Contenido
 CVE-2007-5114 (** DISPUTED ** ...)
@@ -1371,6 +1372,7 @@
 CVE-2007-4569 (backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when
autologin is ...)
 	{DSA-1376-1 DTSA-60-1}
 	- kdebase 4:3.5.7-4
+	[sarge] - kdebase <not-affected> (problem not present in code)
 	NOTE: http://www.kde.org/info/security/advisory-20070919-1.txt
 CVE-2007-4568
 	RESERVED
@@ -1382,7 +1384,7 @@
 	{DSA-1377-2}
 	- fetchmail 6.3.8-8 (bug #440006; low)
 	[etch] - fetchmail <no-dsa> (Hardly a security problem)
-	[sarge] - fetchmail <no-dsa> (Hardly a security problem)
+	[sarge] - fetchmail <not-affected> (problem not present in source)
 CVE-2007-4564 (Cosminexus Manager in Cosminexus Application Server 07-00 and
later ...)
 	NOT-FOR-US: Hitachi Cosminexus
 CVE-2007-4563 (Cosminexus Manager in Cosminexus Application Server 06-50 and
later ...)
@@ -5443,6 +5445,7 @@
 CVE-2007-2834 (Integer overflow in the TIFF parser in OpenOffice.org (OOo)
before ...)
 	{DSA-1375-1}
 	- openoffice.org 2.2.1-9 (medium)
+	[sarge] - openoffice.org 1.1.3-9sarge8
 CVE-2007-2833 (Emacs 21 allows user-assisted attackers to cause a denial of
service ...)
 	{DSA-1316-1}
 	- emacs21 21.4a+1-5.1 (bug #408929; low)
@@ -6971,7 +6974,7 @@
 	NOT-FOR-US: Gentoo''s packaging of courier
 CVE-2007-2172 (A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before
2.4.35 ...)
 	{DSA-1363-1 DSA-1356-1}
-	- linux-2.6 <unfixed> (medium)
+	- linux-2.6 2.6.21-1 (medium)
 	- kernel-source-2.4.27 (medium; bug #439224)
 	- kernel-source-2.6.8 (medium; bug #439225)
 CVE-2007-2171 (Stack-based buffer overflow in the base64_decode function in
...)

Secure testing commits - Oct 2007 - r6786 - data/CVE

[Secure-testing-commits] r6786 - data/CVE