Author: nion Date: 2008-07-03 15:29:34 +0000 (Thu, 03 Jul 2008) New Revision: 9223 Modified: data/CVE/list Log: cveified piding issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-07-03 12:13:33 UTC (rev 9222) +++ data/CVE/list 2008-07-03 15:29:34 UTC (rev 9223) @@ -8,11 +8,13 @@ NOTE: http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681 CVE-2008-2952 [remote DoS in openldap] - openldap2.3 <unfixed> (low; bug #488710) -CVE-2008-XXXX [several security issues] +CVE-2008-2955 [denial of service via crafted long file name] - pidgin 2.4.3-1 (bug #488632) - NOTE: CVE ids requested by Red Hat - NOTE: http://marc.info/?l=bugtraq&m=121449329530282&w=4 - NOTE: http://crisp.cs.du.edu/?q=ca2007-1 +CVE-2008-2956 [denial of service via malformed XML documents] + - pidgin 2.4.3-1 (low; bug #488632) + NOTE: jabber servers should not forward malformed XML +CVE-2008-2957 [arabitrary file download trigger in piding via UDP pakcet] + - pidgin 2.4.3-1 (bug #488632) CVE-2008-2942 [missing input validation] - mercurial 1.0.1-2 (low; bug #488628) [etch] - mercurial <not-affected> (Vulnerable functionality not present)