Secure testing commits - Mar 2008 - r8426 - data/CVE

Author: nion
Date: 2008-03-27 18:38:02 +0000 (Thu, 27 Mar 2008)
New Revision: 8426

Modified:
   data/CVE/list
Log:
CVE-2008-1185-CVE-2008-1196 fixed in sun-java5/1.5.0-15-1 and sun-java6/6-05-1


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-03-27 18:22:12 UTC (rev 8425)
+++ data/CVE/list	2008-03-27 18:38:02 UTC (rev 8426)
@@ -1,11 +1,11 @@
 CVE-2008-XXXX [gnupg key import memory corruption]
 	- gnupg <not-affected> (Only 1.4.8 is affected)
-        TODO: Verify that the next maintainer upload uses 1.4.9 directly
-        [etch] - gnupg <not-affected> (Only 1.4.8 is affected)
-        [sarge] - gnupg <not-affected> (Only 1.4.8 is affected)
+	TODO: Verify that the next maintainer upload uses 1.4.9 directly
+	[etch] - gnupg <not-affected> (Only 1.4.8 is affected)
+	[sarge] - gnupg <not-affected> (Only 1.4.8 is affected)
 	- gnupg2 <unfixed> (bug filed)
-        [etch] - gnupg2 <not-affected> (Only 2.0.8 is affected)
-        [sarge] - gnupg2 <not-affected> (Only 2.0.8 is affected)
+	[etch] - gnupg2 <not-affected> (Only 2.0.8 is affected)
+	[sarge] - gnupg2 <not-affected> (Only 2.0.8 is affected)
 CVE-2008-1529 (ZyXEL Prestige routers have a minimum password length for the
admin ...)
 	TODO: check
 CVE-2008-1528 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models
with ...)
@@ -717,52 +717,52 @@
 CVE-2008-1197
 	RESERVED
 CVE-2008-1196 (Stack-based buffer overflow in Java Web Start (javaws.exe) in
Sun JDK ...)
-	- sun-java6 <unfixed> (medium)
-	- sun-java5 <unfixed> (medium)
+	- sun-java6 6-05-1 (medium)
+	- sun-java5 1.5.0-15-1 (medium)
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2008-1195 (Unspecified vulnerability in Sun JDK and Java Runtime
Environment ...)
-	- sun-java6 <unfixed> (low)
-	- sun-java5 <unfixed> (low)
+	- sun-java6 6-05-1 (low)
+	- sun-java5 1.5.0-15-1 (low)
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2008-1194 (Multiple unspecified vulnerabilities in the color management
library ...)
-	- sun-java6 <unfixed> (unimportant)
-	- sun-java5 <unfixed> (unimportant)
+	- sun-java6 6-05-1 (unimportant)
+	- sun-java5 1.5.0-15-1 (unimportant)
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2008-1193 (Unspecified vulnerability in Java Runtime Environment Image
Parsing ...)
-	- sun-java6 <unfixed> (low)
-	- sun-java5 <unfixed> (low)
+	- sun-java6 6-05-1 (low)
+	- sun-java5 1.5.0-15-1 (low)
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2008-1192 (Unspecified vulnerability in the Java Plug-in for Sun JDK and
JRE 6 ...)
-	- sun-java6 <unfixed> (medium)
-	- sun-java5 <unfixed> (medium)
+	- sun-java6 6-05-1 (medium)
+	- sun-java5 1.5.0-15-1 (medium)
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2008-1191 (Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6
...)
-	- sun-java6 <unfixed> (medium)
-	- sun-java5 <unfixed> (medium)
+	- sun-java6 6-05-1 (medium)
+	- sun-java5 1.5.0-15-1 (medium)
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2008-1190 (Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6
...)
-	- sun-java6 <unfixed> (medium)
-	- sun-java5 <unfixed> (medium)
+	- sun-java6 6-05-1 (medium)
+	- sun-java5 1.5.0-15-1 (medium)
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2008-1189 (Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4
and ...)
-	- sun-java6 <unfixed> (medium)
-	- sun-java5 <unfixed> (medium)
+	- sun-java6 6-05-1 (medium)
+	- sun-java5 1.5.0-15-1 (medium)
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2008-1188 (Multiple buffer overflows in Java Web Start in Sun JDK and JRE 6
...)
-	- sun-java6 <unfixed> (medium)
-	- sun-java5 <unfixed> (medium)
+	- sun-java6 6-05-1 (medium)
+	- sun-java5 1.5.0-15-1 (medium)
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2008-1187 (Unspecified vulnerability in Sun Java Runtime Environment (JRE)
and ...)
-	- sun-java6 <unfixed> (low)
-	- sun-java5 <unfixed> (low)
+	- sun-java6 6-05-1 (low)
+	- sun-java5 1.5.0-15-1 (low)
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2008-1186 (Unspecified vulnerability in the Virtual Machine for Sun Java
Runtime ...)
-	- sun-java6 <unfixed>
-	- sun-java5 <unfixed>
+	- sun-java6 6-05-1
+	- sun-java5 1.5.0-15-1
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2008-1185 (Unspecified vulnerability in the Virtual Machine for Sun Java
Runtime ...)
-	- sun-java6 <unfixed>
-	- sun-java5 <unfixed>
+	- sun-java6 6-05-1
+	- sun-java5 1.5.0-15-1
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2008-1184 (The DNSSEC validation library (libval) library in dnssec-tools
before ...)
 	NOT-FOR-US: dnssec-tools