thijs at alioth.debian.org
2008-May-04 11:43 UTC
[Secure-testing-commits] r8701 - data/CVE
Author: thijs
Date: 2008-05-04 11:43:39 +0000 (Sun, 04 May 2008)
New Revision: 8701
Modified:
data/CVE/list
Log:
add some fixed unstable versions for things addressed only in sarge
DSA''s thus still marked latently vulnerable, thanks Michael Gilbert
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-05-04 11:32:24 UTC (rev 8700)
+++ data/CVE/list 2008-05-04 11:43:39 UTC (rev 8701)
@@ -10724,6 +10724,7 @@
CVE-2007-4571 (The snd_mem_proc_read function in sound/core/memalloc.c in the
...)
{DSA-1505-1 DSA-1479-1}
- linux-2.6 2.6.22-5 (low; bug #444571)
+ - alsa-driver 1.0.15-1
NOTE: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
NOTE:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212
NOTE: very easy to exploit locally
@@ -27591,7 +27592,9 @@
- libgsf 1.14.2-1
CVE-2006-4513 (Multiple integer overflows in the WV library in wvWare (formerly
...)
- wv 1.2.4-1 (bug #396256; medium)
+ - abiword 2.4.6-1
[sarge] - abiword 2.4.6-1.1 (bug #396360)
+ NOTE: exact abiword fixed version not known, but <= 2.4.6-1
CVE-2006-4512
RESERVED
CVE-2006-4511 (Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6
allows ...)
@@ -38083,6 +38086,8 @@
{DSA-1031-1 DSA-1030-1 DSA-1029-1}
- libphp-adodb 4.72-0.1 (medium; bug #349985)
- cacti 0.8.6d-1
+ - moodle 1.6.3-2
+ NOTE: exact moodle fixed version not known, but at least <= 1.6.3-2
CVE-2006-0145 (The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1,
and ...)
NOT-FOR-US: NetBSD
CVE-2006-0144 (The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as
used in ...)