joeyh at alioth.debian.org
2007-Dec-09 09:15 UTC
[Secure-testing-commits] r7566 - data/CVE
Author: joeyh
Date: 2007-12-09 09:15:18 +0000 (Sun, 09 Dec 2007)
New Revision: 7566
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-12-08 23:38:06 UTC (rev 7565)
+++ data/CVE/list 2007-12-09 09:15:18 UTC (rev 7566)
@@ -750,8 +750,10 @@
CVE-2007-5961
RESERVED
CVE-2007-5960 (Mozilla Firefox before 2.0.0.10 and SeaMonkey 1.1.7 sets the
Referer ...)
+ {DSA-1425-1 DSA-1424-1}
- iceweasel 2.0.0.10-1
CVE-2007-5959 (Multiple unspecified vulnerabilities in Mozilla Firefox before
...)
+ {DSA-1425-1 DSA-1424-1}
- iceweasel 2.0.0.10-1
CVE-2007-5958
RESERVED
@@ -791,6 +793,7 @@
CVE-2007-5948 (Multiple cross-site scripting (XSS) vulnerabilities in main.php
in ...)
NOT-FOR-US: SF-Shoutbox
CVE-2007-5947 (The jar protocol handler in Mozilla Firefox before 2.0.0.10 and
...)
+ {DSA-1425-1 DSA-1424-1}
- iceweasel 2.0.0.10-1 (low; bug #451624)
CVE-2007-5946 (Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX
...)
NOT-FOR-US: HP-UX
@@ -819,6 +822,7 @@
CVE-2007-5936 (dvips in teTeX and TeXlive 2007 and earlier allows local users
to ...)
- texlive-bin 2007-13
CVE-2007-5935 (Stack-based buffer overflow in hpc.c in dvips in teTeX and
TeXlive ...)
+ {DTSA-97-1}
- texlive-bin 2007.dfsg.1-1
CVE-2007-5934 (The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a
request ...)
NOT-FOR-US: php PEAR MDB2
@@ -5923,6 +5927,7 @@
[etch] - samba <not-affected> (Vulnerable code was introduced in 3.0.25)
[sarge] - samba <not-affected> (Vulnerable code was introduced in
3.0.25)
CVE-2007-4137 (Off-by-one error in the QUtf8Decoder::toUnicode function in
Trolltech ...)
+ {DSA-1426-1}
- qt-x11-free 3:3.3.7-8 (medium; bug #442780)
- qt4-x11 <not-affected> (Not exploitable according to upstream)
CVE-2007-4136 (The ricci daemon in Red Hat Conga 0.10.0 allows remote attackers
to ...)
@@ -7704,6 +7709,7 @@
CVE-2007-3394 (Multiple SQL injection vulnerabilities in eNdonesia 8.4 allow
remote ...)
NOT-FOR-US: eNdonesia
CVE-2007-3388 (Multiple format string vulnerabilities in (1) qtextedit.cpp, (2)
...)
+ {DSA-1426-1}
- qt-x11-free 3:3.3.7-6
- qt4-x11 4.3.0-5
NOTE: there is some dissagreement whether qt4 is affected