jmm-guest at alioth.debian.org
2008-Jul-11 10:09 UTC
[Secure-testing-commits] r9303 - data/CVE
Author: jmm-guest Date: 2008-07-11 10:09:44 +0000 (Fri, 11 Jul 2008) New Revision: 9303 Modified: data/CVE/list Log: new kernel issues updates on firefox3 ffmpeg source package renamed (right now only for one entry) Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-07-11 10:02:25 UTC (rev 9302) +++ data/CVE/list 2008-07-11 10:09:44 UTC (rev 9303) @@ -82,6 +82,8 @@ NOT-FOR-US: Opera CVE-2008-3077 (arch/x86/kernel/ptrace.c in the Linux kernel before 2.6.25.10 on the ...) - linux-2.6 <unfixed> + - linux-2.6.24 <unfixed> + NOTE: 1e9a615bfce7996ea4d815d45d364b47ac6a74e8 CVE-2008-3076 RESERVED CVE-2008-3075 @@ -99,7 +101,7 @@ CVE-2008-3069 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB before ...) NOT-FOR-US: MyBB CVE-2008-XXXX [ffmpeg STR demuxer buffer overflow] - - ffmpeg-free <unfixed> (bug #489965; low) + - ffmpeg-debian <unfixed> (bug #489965; low) NOTE: http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=13993 NOTE: CVE id requested TODO: Check the various embedders in Etch, horray for librification in Lenny @@ -335,7 +337,8 @@ CVE-2008-2945 (Sun Java System Access Manager 6.3 through 7.1 and Sun Java System ...) NOT-FOR-US: Sun Java System Access Manager CVE-2008-2944 (Double free vulnerability in the utrace support in the Linux kernel, ...) - TODO: check + - linux-2.6 <unfixed> + - linux-2.6.24 <unfixed> CVE-2008-2943 (Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 ...) NOT-FOR-US: IBM Tivoli Directory Server CVE-2008-2941 @@ -359,7 +362,8 @@ CVE-2008-2932 RESERVED CVE-2008-2931 (The do_change_type function in fs/namespace.c in the Linux kernel ...) - TODO: check + - linux-2.6 2.6.22 + NOTE: ee6f958291e2a768fd727e7a67badfff0b67711a CVE-2008-2930 RESERVED CVE-2008-2929 @@ -409,7 +413,8 @@ CVE-2008-2906 (SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 ...) NOT-FOR-US: WebChamado CVE-2008-2905 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: Mambo + TODO: File a removal request for the outdated versions once uploaded to experimental CVE-2008-2904 (SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows ...) NOT-FOR-US: Conkurent PHPMyCart CVE-2008-2903 (SQL injection vulnerability in news.php in Advanced Webhost Billing ...) @@ -646,7 +651,8 @@ CVE-2008-2813 (Directory traversal vulnerability in index.php in WallCity-Server ...) NOT-FOR-US: WallCity-Server CVE-2008-2812 (The Linux kernel before 2.6.25.10 does not properly perform tty ...) - TODO: check + - linux-2.6 <unfixed> + - linux-2.6.24 <unfixed> CVE-2008-2811 (The block reflow implementation in Mozilla Firefox before 2.0.0.15, ...) - iceweasel 3.0 NOTE: Firefox 3 not affected @@ -662,13 +668,11 @@ - iceape 1.1.10-1 - xulrunner <unfixed> CVE-2008-2808 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not ...) - - iceweasel <unfixed> - TODO: Check Firefox 3 status + - iceweasel 3.0 - iceape 1.1.10-1 - xulrunner <unfixed> CVE-2008-2807 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not ...) - - iceweasel <unfixed> - TODO: Check Firefox 3 status + - iceweasel 3.0 - iceape 1.1.10-1 - xulrunner <unfixed> CVE-2008-2806 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS ...)