joeyh at alioth.debian.org
2008-Jan-21 21:14 UTC
[Secure-testing-commits] r8007 - data/CVE
Author: joeyh
Date: 2008-01-21 21:14:11 +0000 (Mon, 21 Jan 2008)
New Revision: 8007
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-01-21 19:49:37 UTC (rev 8006)
+++ data/CVE/list 2008-01-21 21:14:11 UTC (rev 8007)
@@ -288,7 +288,7 @@
- mysql-dfsg-4.1 <removed>
- mysql-dfsg-5.0 <unfixed> (medium; bug #460873)
CVE-2008-0225 (Heap-based buffer overflow in the rmff_dump_cont function in
...)
- {DTSA-109-1}
+ {DSA-1472-1 DTSA-109-1}
- xine-lib <unfixed> (medium; bug #460551)
CVE-2008-0224 (SQL injection vulnerability in index.php in the Newbb_plus 0.92
and ...)
NOT-FOR-US: RunCMS
@@ -2338,6 +2338,7 @@
CVE-2007-6019
RESERVED
CVE-2007-6018 (IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and
Horde ...)
+ {DSA-1470-1}
- horde3 3.1.6-1 (bug #461131; low)
- imp4 <not-affected> (xss.php is only present in horde3 package)
CVE-2007-6017
@@ -7923,6 +7924,7 @@
CVE-2007-4067 (Absolute path traversal vulnerability in the
clInetSuiteX6.clWebDav ...)
NOT-FOR-US: Clever Internet ActiveX Suite
CVE-2007-4066 (Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0
allow ...)
+ {DSA-1471-1}
- libvorbis 1.2.0.dfsg-1
NOTE: svn revisionsions fixing this:
https://bugzilla.redhat.com/show_bug.cgi?id=249780
CVE-2007-4065 (lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before
1.2.0 ...)
@@ -8012,6 +8014,7 @@
CVE-2007-4030
RESERVED
CVE-2007-4029 (libvorbis 1.1.2, and possibly other versions before 1.2.0,
allows ...)
+ {DSA-1471-1}
- libvorbis 1.2.0.dfsg-1 (medium)
[etch] - libvorbis <unfixed> (bug #437916; medium)
[sarge] - libvorbis <unfixed> (bug #437916; medium)
@@ -10287,6 +10290,7 @@
NOTE: This is fixed by 9a08e732533b940d2d31f4e9999dfee5e1ca3914
NOTE: in Linus'' tree.
CVE-2007-3106 (lib/info.c in libvorbis 1.1.2, and possibly other versions
before ...)
+ {DSA-1471-1}
- libvorbis 1.2.0.dfsg-1 (medium)
CVE-2007-3105 (Stack-based buffer overflow in the random number generator (RNG)
...)
{DSA-1363-1}