joeyh at alioth.debian.org
2008-Jul-15 21:14 UTC
[Secure-testing-commits] r9340 - data/CVE
Author: joeyh
Date: 2008-07-15 21:14:10 +0000 (Tue, 15 Jul 2008)
New Revision: 9340
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-07-15 19:09:54 UTC (rev 9339)
+++ data/CVE/list 2008-07-15 21:14:10 UTC (rev 9340)
@@ -569,6 +569,7 @@
[etch] - poppler <not-affected> (Vulnerable code not present)
- xpdf <not-affected> (Page.cc is not allocating the widget and
therefore not vulnerable in the destructor, attrs initialized)
CVE-2008-2927 (Multiple integer overflows in the msn_slplink_process_msg
functions in ...)
+ {DSA-1610-1}
- pidgin 2.4.3-1
- gaim 1:2.0.0+fake.1
NOTE: gaim is now a transitional package depending on pidgin with its own
source package
@@ -1964,6 +1965,7 @@
RESERVED
CVE-2008-2232 [privilege escalation in afuse]
RESERVED
+ {DTSA-149-1}
- afuse <unfixed> (bug #490921; medium)
CVE-2008-2231 (SQL injection vulnerability in Slashdot Like Automated
Storytelling ...)
- slash <unfixed> (medium; bug #484499)
@@ -5321,6 +5323,7 @@
CVE-2008-0804 (PHP remote file inclusion vulnerability in usrgetform.html in
Thecus ...)
NOT-FOR-US: Thecus N5200Pro NAS Server
CVE-2008-0983 (lighttpd 1.4.18, and possibly other versions before 1.5.0, does
not ...)
+ {DSA-1609-1}
- lighttpd 1.4.18-2 (medium; bug #466663)
CVE-2008-0883 (acroread in Adobe Acrobat Reader 8.1.2 allows local users to
overwrite ...)
NOT-FOR-US: Adobe Acrobat Reader
@@ -14780,6 +14783,7 @@
{DSA-1362-1}
- lighttpd 1.4.16-1 (bug #434888)
CVE-2007-3948 (connections.c in lighttpd before 1.4.16 might accept more
connections ...)
+ {DSA-1609-1}
- lighttpd 1.4.16-1 (low; bug #434888)
CVE-2007-3947 (request.c in lighttpd 1.4.15 allows remote attackers to cause a
denial ...)
{DSA-1362-1}