Author: nion Date: 2007-12-19 12:40:28 +0000 (Wed, 19 Dec 2007) New Revision: 7657 Modified: data/CVE/list Log: NFUs new linux-2.6 issues, poked maks CVE-2007-6416 does not affect xen in Debian removed comments for rejects items Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-12-19 09:14:12 UTC (rev 7656) +++ data/CVE/list 2007-12-19 12:40:28 UTC (rev 7657) @@ -9,13 +9,13 @@ CVE-2008-0026 RESERVED CVE-2007-6436 (Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, ...) - TODO: check + NOT-FOR-US: JustSystems CVE-2007-6435 (Stack-based buffer overflow in Novell GroupWise before 6.5.7, when ...) - TODO: check + NOT-FOR-US: Novell GroupWise CVE-2007-6434 (Linux kernel 2.6.23 allows local users to create low pages in virtual ...) - TODO: check + - linux-2.6 <unfixed> CVE-2007-6433 (The getRenderedEjbql method in the org.jboss.seam.framework.Query ...) - TODO: check + - jbosseam <itp> (bug #451956) CVE-2007-6432 RESERVED CVE-2007-6431 @@ -33,7 +33,7 @@ CVE-2007-6425 RESERVED CVE-2007-6424 (registry.pl in Fonality Trixbox 2.0 PBX products, when running in ...) - TODO: check + NOT-FOR-US: Fonality Trixbox CVE-2007-6423 RESERVED CVE-2007-6422 
@@ -45,15 +45,17 @@ CVE-2007-6419 RESERVED CVE-2007-6417 (The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through ...) - TODO: check + - linux-2.6 <unfixed> CVE-2007-6416 (The copy_to_user function in the PAL emulation functionality for Xen ...) - TODO: check + - xen-unstable <not-affected> (We only have xen for i386 and amd64) + - xen-3 <not-affected> (We only have xen for i386 and amd64) + - xen-3.0 <not-affected> (We only have xen for i386 and amd64) CVE-2007-6415 RESERVED CVE-2007-6414 (admin/administrator.php in Adult Script 1.6 and earlier sends a ...) - TODO: check + NOT-FOR-US: Adult ScriptAdult Script CVE-2007-6413 (Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later ...) - TODO: check + NOT-FOR-US: Sun Solaris CVE-2007-6412 (Direct static code injection vulnerability in wiki/index.php in ...) TODO: check CVE-2007-6411 (Multiple buffer overflows in the HandleEmotsConfig function in the GG ...) @@ -9062,14 +9064,8 @@ NOT-FOR-US: Acoustica MP3 CD Burner CVE-2007-3005 REJECTED - [etch] - sun-java5 <no-dsa> (Non-free not supported) - - sun-java5 1.5.0-11-1 (low) - - sun-java6 6-01-0ubuntu1 (low) CVE-2007-3004 REJECTED - [etch] - sun-java5 <no-dsa> (Non-free not supported) - - sun-java5 1.5.0-11-1 (medium) - - sun-java6 6-01-0ubuntu1 (medium) CVE-2007-3003 (Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier ...) NOT-FOR-US: myBloggie CVE-2007-3002 (PHP JackKnife (PHPJK) allows remote attackers to obtain sensitive ...)
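Review bot: In the first hunk (@@ -9,13 +9,13 @@), the new `- linux-2.6 <unfixed>` line under CVE-2007-6434 carries no bug number or note, while the jbosseam line added directly below it cites bug #451956. The log says maks was poked, but nothing in the list records that, so a reader of data/CVE/list alone cannot tell whether the kernel maintainers know about the issue. Consider adding a bug reference or a short note to the entry. The same point applies to the `- linux-2.6 <unfixed>` line added under CVE-2007-6417 in the third hunk.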
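Review bot: In the third hunk (@@ -45,15 +45,17 @@), the line added under CVE-2007-6414 reads `NOT-FOR-US: Adult ScriptAdult Script`, with the product name doubled. It should be `NOT-FOR-US: Adult Script`, in line with the single product name used on the other NOT-FOR-US lines added in this commit.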
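Review bot: In the last hunk (@@ -9062,14 +9064,8 @@), the six lines removed under CVE-2007-3005 and CVE-2007-3004 held the fixed versions for sun-java5 and sun-java6 and the etch `<no-dsa>` decision, and the log describes the change only as removing comments for rejected items. If these ids were rejected in favour of other CVE ids, confirm that the same package and version data is recorded under those ids, and name them in the log so the tracking history stays traceable.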