Secure testing commits - May 2008 - r8727 - data/CVE

Author: joeyh
Date: 2008-05-06 21:14:14 +0000 (Tue, 06 May 2008)
New Revision: 8727

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-05-06 20:50:19 UTC (rev 8726)
+++ data/CVE/list	2008-05-06 21:14:14 UTC (rev 8727)
@@ -466,6 +466,7 @@
 CVE-2007-6714 (DBMail before 2.2.9, when using authldap with an LDAP server
that ...)
 	- dbmail 2.2.9
 CVE-2008-1878 (Stack-based buffer overflow in the demux_nsf_send_chunk function
in ...)
+	{DTSA-128-1}
 	- xine-lib 1.1.12-2 (medium; bug #476990)
 	NOTE: not patched but disabled
 CVE-2008-1831 (Multiple unspecified vulnerabilities in the Siebel SimBuilder
...)
@@ -796,7 +797,7 @@
 	NOTE: This is more a generic bug and not a security issue: the random output
would
 	NOTE: need to match the name of an existing macro
 CVE-2008-1686 (Array index vulnerability in Speex 1.1.12 and earlier, as used
in ...)
-	{DTSA-127-1}
+	{DTSA-127-1 DTSA-128-1}
 	- speex 1.2~beta2-1 (medium)
 	- libfishsound 0.7.0-2.2 (medium; bug #475152)
 	- xine-lib 1.1.12-1 (medium)
@@ -4590,7 +4591,7 @@
 CVE-2008-0074 (Unspecified vulnerability in Microsoft Internet Information
Services ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2008-0073 (Array index error in the sdpplin_parse function in ...)
-	{DSA-1543-1 DSA-1536-1 DTSA-119-1 DTSA-121-1}
+	{DSA-1543-1 DSA-1536-1 DTSA-119-1 DTSA-121-1 DTSA-128-1}
 	- xine-lib 1.1.11-1 (medium)
 	- vlc 0.8.6.e-2 (medium; bug #473057)
 	NOTE: http://bugs.xine-project.org/show_bug.cgi?id=58
@@ -6382,6 +6383,7 @@
 CVE-2007-5990 (Cross-site scripting (XSS) vulnerability in ExoPHPdesk allows
remote ...)
 	NOT-FOR-US: ExoPHPdesk
 CVE-2006-7230 (Perl-Compatible Regular Expression (PCRE) library before 7.0
does not ...)
+	{DSA-1570-1}
 	- pcre3 7.0-1
 	- kazehakase 0.5.2-1
 	[sarge] - pcre3 4.5+7.4-1
@@ -6484,11 +6486,13 @@
 	- linux-2.6 2.6.20-1
 	[etch] - linux-2.6 <not-affected> (Ubuntu-specific regression)
 CVE-2006-7228 (Integer overflow in Perl-Compatible Regular Expression (PCRE)
library ...)
+	{DSA-1570-1}
 	- pcre3 6.2-1
 	- kazehakase 0.5.2-1
 	[sarge] - pcre3 4.5+7.4-1
 	NOTE: http://www.pcre.org/changelog.txt states fixed in 6.2
 CVE-2006-7227 (Integer overflow in Perl-Compatible Regular Expression (PCRE)
library ...)
+	{DSA-1570-1}
 	- pcre3 6.2-1
 	- kazehakase 0.5.2-1
 	[sarge] - pcre3 4.5+7.4-1
@@ -10263,19 +10267,19 @@
 	- postgresql-8.1 8.1.11-1
 	[sarge] - postgresql <unfixed>
 CVE-2007-4768 (Heap-based buffer overflow in Perl-Compatible Regular Expression
...)
-	{DSA-1399-1 DTSA-77-1}
+	{DSA-1570-1 DSA-1399-1 DTSA-77-1}
 	- pcre3 7.3-1
 	- kazehakase 0.5.2-1
 	- glib2.0 2.14.3-1 (unimportant)
 	NOTE: glib only embeds pcre in the udeb, no attack vector
 CVE-2007-4767 (Perl-Compatible Regular Expression (PCRE) library before 7.3
does not ...)
-	{DSA-1399-1 DTSA-77-1}
+	{DSA-1570-1 DSA-1399-1 DTSA-77-1}
 	- pcre3 7.3-1
 	- kazehakase 0.5.2-1
 	- glib2.0 2.14.3-1 (unimportant)
 	NOTE: glib only embeds pcre in the udeb, no attack vector
 CVE-2007-4766 (Multiple integer overflows in Perl-Compatible Regular Expression
...)
-	{DSA-1399-1 DTSA-77-1}
+	{DSA-1570-1 DSA-1399-1 DTSA-77-1}
 	- pcre3 7.3-1
 	- kazehakase 0.5.2-1
 	- glib2.0 2.14.3-1 (unimportant)
@@ -17709,25 +17713,25 @@
 	- ekg 1:1.7~rc2-2 (low)
 	[sarge] - ekg <not-affected> (Vulnerable code not present)
 CVE-2007-1662 (Perl-Compatible Regular Expression (PCRE) library before 7.3
reads ...)
-	{DSA-1399-1 DTSA-77-1}
+	{DSA-1570-1 DSA-1399-1 DTSA-77-1}
 	- pcre3 7.3-1
 	- kazehakase 0.5.2-1
 	- glib2.0 2.14.3-1 (unimportant)
 	NOTE: glib only embeds pcre in the udeb, no attack vector
 CVE-2007-1661 (Perl-Compatible Regular Expression (PCRE) library before 7.3
...)
-	{DSA-1399-1 DTSA-77-1}
+	{DSA-1570-1 DSA-1399-1 DTSA-77-1}
 	- pcre3 7.3-1
 	- kazehakase 0.5.2-1
 	- glib2.0 2.14.3-1 (unimportant)
 	NOTE: glib only embeds pcre in the udeb, no attack vector
 CVE-2007-1660 (Perl-Compatible Regular Expression (PCRE) library before 7.0
does not ...)
-	{DSA-1399-1 DTSA-77-1}
+	{DSA-1570-1 DSA-1399-1 DTSA-77-1}
 	- pcre3 7.3-1
 	- kazehakase 0.5.2-1
 	- glib2.0 2.14.3-1 (unimportant)
 	NOTE: glib only embeds pcre in the udeb, no attack vector
 CVE-2007-1659 (Perl-Compatible Regular Expression (PCRE) library before 7.3
allows ...)
-	{DSA-1399-1 DTSA-77-1}
+	{DSA-1570-1 DSA-1399-1 DTSA-77-1}
 	- kazehakase 0.5.2-1
 	- pcre3 7.3-1
 	- glib2.0 2.14.3-1 (unimportant)