jmm-guest at alioth.debian.org
2008-Jun-30 16:08 UTC
[Secure-testing-commits] r9195 - data/CVE
Author: jmm-guest Date: 2008-06-30 16:08:45 +0000 (Mon, 30 Jun 2008) New Revision: 9195 Modified: data/CVE/list Log: mercurial issue doesn''t affect etch wordnet audit in preparation Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-06-30 14:58:01 UTC (rev 9194) +++ data/CVE/list 2008-06-30 16:08:45 UTC (rev 9195) @@ -5,6 +5,7 @@ NOTE: http://crisp.cs.du.edu/?q=ca2007-1 CVE-2008-XXXX [missing input validation] - mercurial <unfixed> (low; bug #488628) + [etch] - mercurial <not-affected> (Vulnerable functionality not present) NOTE: CVE id requested CVE-2008-XXXX [Two remote DoS] - linuxdcpp <unfixed> (low; bug #488630) @@ -1496,8 +1497,6 @@ CVE-2008-2149 (Stack-based buffer overflow in the searchwn function in Wordnet 2.0, ...) - wordnet 1:3.0-10 (bug #481186) NOTE: wordnet can be used as a backend to web applications - NOTE: wordnet will get a full audit by the debian audit team - TODO: version 1:3.0-10 got uploaded to unstable, however it needs to be verified that the same problem does not exist in the rest of the code CVE-2008-2148 (The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and ...) - linux-2.6 2.6.25-3 (bug #481195) [etch] - linux-2.6 <not-affected> (vulnerable code not present)