white at alioth.debian.org
2008-Jan-04 11:22 UTC
[Secure-testing-commits] r7822 - data/CVE
Author: white Date: 2008-01-04 11:22:45 +0000 (Fri, 04 Jan 2008) New Revision: 7822 Modified: data/CVE/list Log: unp tmp issue got CVE id Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-01-04 11:19:02 UTC (rev 7821) +++ data/CVE/list 2008-01-04 11:22:45 UTC (rev 7822) @@ -231,7 +231,7 @@ CVE-2007-6613 (Stack-based buffer overflow in the print_iso9660_recurse function in ...) TODO: check CVE-2007-6610 (unp 1.0.12 does not properly escape file names, which might allow ...) - TODO: check + - unp 1.0.13 (bug #448437) CVE-2007-6609 (Multiple stack-based buffer overflows in the CPLI_ReadTag_OGG function ...) NOT-FOR-US: CoolPlayer CVE-2007-6608 (Multiple cross-site scripting (XSS) vulnerabilities in OpenBiblio ...) @@ -484,8 +484,6 @@ [lenny] - venkman <not-affected> (Vulnerable code not present) [sarge] - venkman <not-affected> (Vulnerable code not present) [etch] - venkman <not-affected> (Vulnerable code not present) -CVE-2007-XXXX [unp insufficient escaping of shell meta characters] - - unp 1.0.13 (bug #448437) CVE-2007-XXXX [unace unspecified security issue related to uninitialized variable] - unace-nonfree 2.5-3 [sarge] - unace-nonfree <no-dsa> (non-free not supported)