Author: nion Date: 2008-06-11 22:10:35 +0000 (Wed, 11 Jun 2008) New Revision: 9044 Modified: data/CVE/list Log: freetype overflows already have cve ids note, that the version is not the vulnerable version but the fixed source package version Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-06-11 21:55:51 UTC (rev 9043) +++ data/CVE/list 2008-06-11 22:10:35 UTC (rev 9044) @@ -1,5 +1,3 @@ -CVE-2008-XXXX [multiple security issues in FreeType2] - - freetype 2.3.5-1 (medium; bug #485841) CVE-2008-2654 [off-by-one in webhttpd.c] - motion 3.2.9-3 (low; bug #484572) CVE-2008-2667 [sql injection vulnerability in courier-authlib] @@ -1640,12 +1638,15 @@ RESERVED CVE-2008-1809 RESERVED -CVE-2008-1808 +CVE-2008-1808 [two heap overflows in PFB and TTF font parsing routine] RESERVED -CVE-2008-1807 + - freetype <unfixed> (low; bug #485841) +CVE-2008-1807 [heap overflow in PFB font parsing routine] RESERVED -CVE-2008-1806 + - freetype <unfixed> (medium; bug #485841) +CVE-2008-1806 [heap overflow in PFB font parsing routine] RESERVED + - freetype <unfixed> (medium; bug #485841) CVE-2008-1805 RESERVED CVE-2008-1804 (preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not ...)