jmm-guest at alioth.debian.org
2008-Jul-11 16:19 UTC
[Secure-testing-commits] r9309 - data/CVE
Author: jmm-guest
Date: 2008-07-11 16:19:22 +0000 (Fri, 11 Jul 2008)
New Revision: 9309
Modified:
data/CVE/list
Log:
ffmpeg fixed
dnsmasq fixed
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-07-11 16:15:23 UTC (rev 9308)
+++ data/CVE/list 2008-07-11 16:19:22 UTC (rev 9309)
@@ -101,7 +101,7 @@
CVE-2008-3069 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB
before ...)
NOT-FOR-US: MyBB
CVE-2008-XXXX [ffmpeg STR demuxer buffer overflow]
- - ffmpeg-debian <unfixed> (bug #489965; low)
+ - ffmpeg-debian 0.svn20080206-10 (bug #489965; low)
NOTE: http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=13993
NOTE: CVE id requested
TODO: Check the various embedders in Etch, horray for librification in Lenny
@@ -3749,7 +3749,7 @@
{DSA-1603-1 DTSA-147-1}
- bind9 1:9.5.0.dfsg-5 (high)
- glibc <unfixed> (medium)
- - dnsmasq <unfixed> (medium; bug #490123)
+ - dnsmasq 2.43-1 (medium; bug #490123)
- pdnsd <unfixed> (medium)
NOTE: Unbound, djbdns and PowerDNS are affected by the underlying protocol
issue, but
NOTE: already use source port randomization.