Author: fw Date: 2008-02-14 12:55:11 +0000 (Thu, 14 Feb 2008) New Revision: 8157 Modified: data/CVE/list Log: CVE-2008-0177: BSD-only IP stack issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-02-14 09:14:18 UTC (rev 8156) +++ data/CVE/list 2008-02-14 12:55:11 UTC (rev 8157) @@ -1385,7 +1385,11 @@ CVE-2008-0178 (Cross-site scripting (XSS) vulnerability in the Enterprise Admin ...) NOT-FOR-US: Liferay Portal CVE-2008-0177 (The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME ...) - NOT-FOR-US: KAME + - kfreebsd-7 <unfixed> + - kfreebsd-6 <unfixed> + - kfreebsd-5 <removed> + NOTE: Linux kernel code is not affected, the proper check is there + NOTE: (somewhat difficult to spot, it happens in the caller). CVE-2008-0176 (Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI ...) NOT-FOR-US: GE Fanuc CIMPLICITY CVE-2008-0175 (Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time ...)