jmm-guest at alioth.debian.org
2007-Nov-27 21:10 UTC
[Secure-testing-commits] r7407 - data/CVE
Author: jmm-guest Date: 2007-11-27 21:10:26 +0000 (Tue, 27 Nov 2007) New Revision: 7407 Modified: data/CVE/list Log: kernel updates Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-27 17:27:24 UTC (rev 7406) +++ data/CVE/list 2007-11-27 21:10:26 UTC (rev 7407) @@ -361,10 +361,10 @@ CVE-2007-5909 (Multiple stack-based buffer overflows in Autonomy (formerly Verity) ...) NOT-FOR-US: IBM Lotus Notes, Symantec Mail Security, and others CVE-2007-5908 (Buffer overflow in the (1) sysfs_show_available_clocksources and (2) ...) - - linux-2.6 <unfixed> NOTE: there is a list of possible clocksource names which consits of short enough names NOTE: this is a bug in the kernel but not a security issue, there is no way for a user to NOTE: exploit this, they can only chose an item from the list + NOTE: Issue about to be rejected by MITRE CVE-2007-5907 (Xen 3.1.1 does not prevent modification of the CR4 TSC from ...) - xen-3 3.1.2-1 (medium; bug #451626) - xen-3.0 <unfixed> @@ -3149,7 +3149,7 @@ CVE-2007-5088 (Cross-site scripting (XSS) vulnerability in search/cust_bill_event.cgi ...) NOT-FOR-US: freeside CVE-2007-5087 (The ATM module in the Linux kernel before 2.4.35.3, when CLIP support ...) - - linux-2.6 <unfixed> + - linux-2.6 <not-affected> (2.6 code base handles ARP entries differently) CVE-2007-5086 (Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not ...) NOT-FOR-US: Kaspersky Anti-Virus and Internet Security 7.0 CVE-2007-5085 (Unspecified vulnerability in the management EJB (MEJB) in Apache ...)