jmm-guest at alioth.debian.org
2007-Oct-06 09:48 UTC
[Secure-testing-commits] r6825 - data/CVE
Author: jmm-guest
Date: 2007-10-06 09:48:03 +0000 (Sat, 06 Oct 2007)
New Revision: 6825
Modified:
data/CVE/list
Log:
mark dupe
no-dsa for yate
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-10-06 06:18:34 UTC (rev 6824)
+++ data/CVE/list 2007-10-06 09:48:03 UTC (rev 6825)
@@ -566,11 +566,7 @@
CVE-2007-4967 (Online Armor Personal Firewall 2.0.1.215 does not properly
validate ...)
NOT-FOR-US: Online Armor Personal Firewall
CVE-2007-4966 (SQL injection vulnerability in www/people/editprofile.php in
GForge ...)
- {DTSA-57-1}
- - gforge 4.6.99+svn6086-1
- NOTE: duplicate of CVE-2007-3913 according to Roland Mas
- NOTE: Look at the fix for it:
http://gforge.org/scm/viewvc.php/trunk/gforge/www/people/editprofile.php?root=gforge&r1=5995&r2=6083
- NOTE: This is already a fix for an SQL injection via skill_delete
+ NOTE: Duplicate of CVE-2007-3913
CVE-2007-4965 (Multiple integer overflows in the imageop module in Python 2.5.1
and ...)
- python2.5 <unfixed> (low; bug #443333)
- python2.4 <unfixed> (low; bug #443335)
@@ -850,10 +846,8 @@
NOTE: this vulnerability is unspecified
NOTE: likely affects only windows and Mac OS
CVE-2007-4840 (PHP 5.2.4 and earlier allows context-dependent attackers to
cause a ...)
- - libc6 <unfixed> (low; bug #442247)
- NOTE: was originally reported as a php vulnerability, but is actually
- NOTE: a problem with the libc iconv_* functions, which allocate copies
- NOTE: of strings on the stack without first checking the size.
+ - php5 <unfixed> (unimportant)
+ NOTE: Only triggerable by malicious script
CVE-2007-4839 (Unspecified vulnerability in the PD tools component in IBM
WebSphere ...)
NOT-FOR-US: IBM WebSphere
CVE-2007-4838 (Multiple buffer overflows in CellFactor Revolution 1.03 and
earlier ...)
@@ -8220,6 +8214,7 @@
RESERVED
CVE-2007-1693 (The SIP channel module in Yet Another Telephony Engine (Yate)
before ...)
- yate 1.2.0-1.dfsg-1 (low; bug #421994)
+ [etch] - yate <no-dsa> (Minor issue, fringe application)
CVE-2007-1692 (The default configuration of Microsoft Windows uses the Web
Proxy ...)
NOT-FOR-US: Microsoft
CVE-2007-1691 (Stack-based buffer overflow in Second Sight Software ActiveMod
ActiveX ...)