joeyh at alioth.debian.org
2008-Jul-21 21:14 UTC
[Secure-testing-commits] r9389 - data/CVE
Author: joeyh
Date: 2008-07-21 21:14:09 +0000 (Mon, 21 Jul 2008)
New Revision: 9389
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-07-21 17:59:25 UTC (rev 9388)
+++ data/CVE/list 2008-07-21 21:14:09 UTC (rev 9389)
@@ -8,7 +8,7 @@
NOTE: 0008976 remote code execution only possible with valid administrator
account
CVE-2008-3196 [out of bound access]
- byacc <unfixed> (low; bug #491182)
- [etch] - byacc <no-dsa> (Minor issue)
+ [etch] - byacc <no-dsa> (Minor issue)
CVE-2008-XXXX [libetpan NULL deref]
- libetpan 0.54-3 (low)
[etch] - libetpan <no-dsa> (Minor issue)
@@ -285,7 +285,7 @@
RESERVED
CVE-2008-3216 [projectl prone to symlink attack]
- projectl 1.001.dfsg1-2 (low; bug #489988)
- [etch] - projectl <no-dsa> (Minor issue)
+ [etch] - projectl <no-dsa> (Minor issue)
CVE-2008-3083 (SQL injection vulnerability in Brightcode Weblinks ...)
NOT-FOR-US: com_brightweblinks omponent for Joomla!
CVE-2008-3082 (Cross-site scripting (XSS) vulnerability in ...)
@@ -1120,9 +1120,11 @@
CVE-2008-2727
RESERVED
CVE-2008-2726 (Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and
...)
+ {DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
CVE-2008-2725 (Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and
...)
+ {DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
CVE-2008-2718 (Cross-site scripting (XSS) vulnerability in fe_adminlib.inc in
TYPO3 ...)
@@ -1266,12 +1268,15 @@
- php5 <unfixed> (unimportant)
NOTE: safe mode not supported
CVE-2008-2664 (The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5
before ...)
+ {DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
CVE-2008-2663 (Multiple integer overflows in the rb_ary_store function in Ruby
1.8.4 ...)
+ {DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
CVE-2008-2662 (Multiple integer overflows in the rb_str_buf_append function in
Ruby ...)
+ {DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
CVE-2008-2661
@@ -1860,6 +1865,7 @@
RESERVED
- gnutls26 2.4.1-1 (medium)
CVE-2008-2376 (Integer overflow in the rb_ary_fill function in array.c in Ruby
before ...)
+ {DSA-1612-1}
- ruby1.9 <unfixed>
- ruby1.8 <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2008/07/02/3
@@ -2014,7 +2020,7 @@
NOT-FOR-US: Mac OS X
CVE-2008-2310 (Format string vulnerability in c++filt in Apple Mac OS X 10.5
before ...)
- binutils 2.18.1~cvs20080103-1 (low)
- [etch] - binutils <no-dsa> (Minor issue)
+ [etch] - binutils <no-dsa> (Minor issue)
CVE-2008-2309 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS
X ...)
NOT-FOR-US: CoreTypes in Apple Mac OS X
CVE-2008-2308 (Unspecified vulnerability in Alias Manager in Apple Mac OS X
10.5.1 ...)
@@ -34687,6 +34693,7 @@
CVE-2006-2663 (Multiple cross-site scripting (XSS) vulnerabilities in iFlance
1.1 ...)
NOT-FOR-US: iFlance
CVE-2006-2662 (VMware Server before RC1 does not clear user credentials from
memory ...)
+ {DSA-1612-1}
NOT-FOR-US: VMware Server
CVE-2006-2661 (ftutil.c in Freetype before 2.2 allows remote attackers to cause
a ...)
{DSA-1095-1}