jmm-guest at alioth.debian.org
2008-Apr-19 16:29 UTC
[Secure-testing-commits] r8578 - in data: . CVE
Author: jmm-guest Date: 2008-04-19 16:29:56 +0000 (Sat, 19 Apr 2008) New Revision: 8578 Modified: data/CVE/list data/spu-candidates.txt Log: emacsen no-dsa fix typos (had been too late) Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-04-19 14:35:18 UTC (rev 8577) +++ data/CVE/list 2008-04-19 16:29:56 UTC (rev 8578) @@ -202,7 +202,7 @@ - clamav <not-affected> (Debian doesn''t include libunrar since it''s non-free) CVE-2008-1832 (lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite ...) - cecilia <unfixed> (low; bug #476321) - [etch] - cecilica <no-dsa> (Minor issue) + [etch] - cecilia <no-dsa> (Minor issue) CVE-2008-1781 REJECTED CVE-2008-1780 (Unspecified vulnerability in the labeled networking functionality in ...) @@ -2599,6 +2599,7 @@ NOT-FOR-US: Apple iPhone CVE-2008-0728 (The unmew11 function in libclamav/mew.c in libclamav in ClamAV before ...) - clamav 0.92.1~dfsg-1 + [etch] - clamav <not-affected> (Vulnerable code not present) CVE-2008-0727 (Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server ...) NOT-FOR-US: IBM Informix Dynamic Server CVE-2008-0726 (Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows ...) @@ -5644,7 +5645,9 @@ {DTSA-98-1 DTSA-99-1} - emacs22 22.1+1-2.2 (bug #455432) - emacs21 21.4a+1-5.2 (bug #455433) + [etch] - emacs21 <no-dsa> (Minor issue, .el scripts opened need to be trusted) - xemacs21 <unfixed> (bug #457764) + [etch] - xemacs21 <no-dsa> (Minor issue, .el scripts opened need to be trusted) CVE-2007-6108 RESERVED CVE-2007-6107 @@ -11558,7 +11561,7 @@ {DTSA-58-1} - phpsysinfo 2.5.1-6.1 (unimportant; bug #435935) - phpgroupware 0.9.16.012-1 (low; bug #435936) - [etch] - phpgrouwware <not-affected> (Affected code is not used in phpgroupware) + [etch] - phpgroupware <not-affected> (Affected code is not used in phpgroupware) - egroupware-phpsysinfo 1.2.107-2.dfsg-1.1 (low; bug #435937) NOTE: phpsysinfo alone doesn''t maintain any data, which makes this an issue CVE-2007-4047 (geoBlog (aka BitDamaged) 1 does not require authentication for (1) ...) Modified: data/spu-candidates.txt ==================================================================--- data/spu-candidates.txt 2008-04-19 14:35:18 UTC (rev 8577) +++ data/spu-candidates.txt 2008-04-19 16:29:56 UTC (rev 8578) @@ -51,6 +51,11 @@ -- +emacs21 (CVE-2007-6109/CVE-2008-1694) +bug #455433, bug #476612 + +-- + flac123 (CVE-2007-3507) notified maintainer @@ -172,6 +177,11 @@ -- +xemacs21 (CVE-2007-6109/CVE-2008-1694) +bug #457764, bug #476613 + +-- + xfce4 (CVE-2007-6351 CVE-2007-6352) notified maintainer