joeyh at alioth.debian.org
2007-Dec-03 21:14 UTC
[Secure-testing-commits] r7486 - data/CVE
Author: joeyh
Date: 2007-12-03 21:14:09 +0000 (Mon, 03 Dec 2007)
New Revision: 7486
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-12-03 17:29:03 UTC (rev 7485)
+++ data/CVE/list 2007-12-03 21:14:09 UTC (rev 7486)
@@ -1,3 +1,5 @@
+CVE-2007-6202 (SQL injection vulnerability in plugins/search/search.php in
Neocrome ...)
+ TODO: check
CVE-2007-XXXX [privilege escalation in sing]
- sing <unfixed> (high; bug #454167)
CVE-2007-XXXX [insecure tmp file handling in difflog.pl shipped by zsh]
@@ -2,3 +4,3 @@
- zsh <unfixed> (low; bug #454073)
-CVE-2007-6201 [remote denial of service vulnerability in wesnoth through
turn_cmd]
+CVE-2007-6201 (Unspecified vulnerability in Wesnoth before 1.2.8 allows
attackers to ...)
- wesnoth 1:1.2.8-1 (low)
@@ -654,7 +656,7 @@
CVE-2007-5926 (OpenBase 10.0.5 and earlier allows remote authenticated users to
...)
NOT-FOR-US: OpenBase
CVE-2007-5925 (The convert_search_mode_to_innobase function in ha_innodb.cc in
the ...)
- {DSA-1413-1}
+ {DSA-1413-1 DTSA-91-1}
- mysql-dfsg-5.0 5.0.45-3 (medium; bug #451235)
- mysql-dfsg-4.1 <removed>
- mysql-dfsg <removed>
@@ -1064,8 +1066,7 @@
RESERVED
CVE-2007-5743
RESERVED
-CVE-2007-5742 [directory traversal vulnerability in wesnoth]
- RESERVED
+CVE-2007-5742 (Directory traversal vulnerability in the WML engine preprocessor
for ...)
{DTSA-90-1}
- wesnoth 1:1.2.8-1 (medium; bug #453500)
CVE-2007-5741 (Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote
attackers ...)
@@ -2237,8 +2238,7 @@
NOT-FOR-US: Oracle
CVE-2007-5503 (Multiple integer overflows in Cairo before 1.4.12 might allow
remote ...)
- libcairo <unfixed> (medium; bug #453686)
-CVE-2007-5502 [programming error in openssl fips object module leading to
possible disclosure of information]
- RESERVED
+CVE-2007-5502 (The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1
does ...)
NOT-FOR-US: OpenSSL Fips object module
CVE-2007-5501 (The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in
Linux ...)
- linux-2.6 <unfixed> (high)