Author: nion Date: 2007-10-20 20:44:15 +0000 (Sat, 20 Oct 2007) New Revision: 7042 Modified: data/CVE/list Log: added current version number to bugzilla todos for the next upload Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-10-20 16:59:32 UTC (rev 7041) +++ data/CVE/list 2007-10-20 20:44:15 UTC (rev 7042) @@ -1586,7 +1586,7 @@ NOT-FOR-US: Ghost Security Suite CVE-2007-5038 (The offer_account_by_email function in User.pm in the WebService for ...) - bugzilla <not-affected> (Vulnerable code not present in the version we ship) - TODO: check when newer upstream version enters the pool + TODO: check when newer upstream version enters the pool (> 2.22.1-2.2) CVE-2007-5037 (Buffer overflow in the inotifytools_snprintf function in ...) - inotify-tools 3.11-1 (medium; bug #443913) CVE-2007-5036 (Multiple buffer overflows in the AirDefense Airsensor M520 with ...) @@ -2757,11 +2757,11 @@ CVE-2007-4540 (Multiple SQL injection vulnerabilities in download.php in Olate ...) NOT-FOR-US: Olate Download CVE-2007-4539 (The WebService (XML-RPC) interface in Bugzilla 2.23.3 through 3.0.0 ...) - TODO: check again when new upstream is in unstable - NOTE: - bugzilla version in unstable (2.22.1) is too old to be affected + - bugzilla <not-affected> (source code is too old to inlude this vulnerability) + TODO: check when newer upstream version enters the pool (> 2.22.1-2.2) CVE-2007-4538 (email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers ...) - TODO: check again when new upstream is in unstable - NOTE: - bugzilla version in unstable (2.22.1) is too old to be affected + - bugzilla <not-affected> (source code is too old to inlude this vulnerability) + TODO: check when newer upstream version enters the pool (> 2.22.1-2.2) CVE-2007-4537 (Heap-based buffer overflow in the Huffman decompression algorithm ...) NOT-FOR-US: Skulltag CVE-2007-4536 (TorrentTrader 1.07 and earlier sets insecure permissions for files in ...)