white at alioth.debian.org
2008-Jul-11 18:01 UTC
[Secure-testing-commits] r9312 - data/CVE
Author: white Date: 2008-07-11 18:01:16 +0000 (Fri, 11 Jul 2008) New Revision: 9312 Modified: data/CVE/list Log: stable has gaim, not pidgin; integer overflow present, other minor DoS probably as well Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-07-11 17:17:58 UTC (rev 9311) +++ data/CVE/list 2008-07-11 18:01:16 UTC (rev 9312) @@ -562,6 +562,7 @@ - xpdf <not-affected> (Page.cc is not allocating the widget and therefore not vulnerable in the destructor, attrs initialized) CVE-2008-2927 (Multiple integer overflows in the msn_slplink_process_msg functions in ...) - pidgin 2.4.3-1 + - gaim <unfixed> NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=453764 CVE-2008-3137 [GSM SMS dissector in wireshark allows a DoS] - wireshark 1.0.1-1 (low; bug #488834) @@ -586,11 +587,14 @@ - openldap2.3 <unfixed> (medium; bug #488710) CVE-2008-2955 (Pidgin 2.4.1 allows remote attackers to cause a denial of service ...) - pidgin <unfixed> (low; bug #488632) + - gaim <unfixed> (low; bug #488632) CVE-2008-2956 (Memory leak in Pidgin 2.0.0, and possibly other versions, allows ...) - pidgin <unfixed> (low; bug #488632) + - gaim <unfixed> (low; bug #488632) NOTE: jabber servers should not forward malformed XML CVE-2008-2957 (The UPnP functionality in Pidgin 2.0.0, and possibly other versions, ...) - pidgin <unfixed> (low; bug #488632) + - gaim <unfixed> (low; bug #488632) NOTE: probably only a bandwidth issue CVE-2008-2942 (Directory traversal vulnerability in patch.py in Mercurial 1.0.1 ...) - mercurial 1.0.1-2 (low; bug #488628)