nion at alioth.debian.org
2008-Jul-22 22:31 UTC
[Secure-testing-commits] r9396 - in data: CVE DSA
Author: nion Date: 2008-07-22 22:31:56 +0000 (Tue, 22 Jul 2008) New Revision: 9396 Modified: data/CVE/list data/DSA/list Log: fix inconsistencies reported by francesco TODO: check if ruby in unstable fixes additional CVE ids Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-07-22 18:09:24 UTC (rev 9395) +++ data/CVE/list 2008-07-22 22:31:56 UTC (rev 9396) @@ -1865,7 +1865,7 @@ CVE-2008-2376 (Integer overflow in the rb_ary_fill function in array.c in Ruby before ...) {DSA-1612-1} - ruby1.9 <unfixed> - - ruby1.8 <unfixed> + - ruby1.8 1.8.7.22-2 NOTE: http://www.openwall.com/lists/oss-security/2008/07/02/3 CVE-2008-2375 (Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on ...) - vsftpd <not-affected> (debian versions all include the fix) @@ -34695,7 +34695,6 @@ CVE-2006-2663 (Multiple cross-site scripting (XSS) vulnerabilities in iFlance 1.1 ...) NOT-FOR-US: iFlance CVE-2006-2662 (VMware Server before RC1 does not clear user credentials from memory ...) - {DSA-1612-1} NOT-FOR-US: VMware Server CVE-2006-2661 (ftutil.c in Freetype before 2.2 allows remote attackers to cause a ...) {DSA-1095-1} Modified: data/DSA/list ==================================================================--- data/DSA/list 2008-07-22 18:09:24 UTC (rev 9395) +++ data/DSA/list 2008-07-22 22:31:56 UTC (rev 9396) @@ -2,7 +2,7 @@ {CVE-2007-2445 CVE-2007-3476 CVE-2007-3477 CVE-2007-3996} [etch] - libgd2 2.0.33-5.2etch1 [21 Jul 2008] DSA-1612-1 ruby1.8 - several vulnerabilities - {CVE-2006-2662 CVE-2008-2376 CVE-2008-2662 CVE-2008-2663 CVE-2008-2664 CVE-2008-2725 CVE-2008-2726} + {CVE-2008-2662 CVE-2008-2376 CVE-2008-2662 CVE-2008-2663 CVE-2008-2664 CVE-2008-2725 CVE-2008-2726} [etch] - ruby1.8 1.8.5-4etch2 [16 Jul 2008] DSA-1611-1 afuse - privilege escalation {CVE-2008-2232}
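Review bot: In the data/CVE/list hunk at @@ -1865, the TODO about ruby in unstable exists only in the commit log, so it is lost to anyone reading the tracker data later. The hunk records the fixed version `- ruby1.8 1.8.7.22-2` for CVE-2008-2376 alone, while `- ruby1.9 <unfixed>` stays open under the same {DSA-1612-1} tag and the other ids that DSA-1612-1 lists in data/DSA/list are not touched by this commit. Suggest adding a NOTE line next to the existing openwall NOTE in this entry stating that the remaining ruby ids still need checking against the unstable upload, so the open question is visible in the data itself.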
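Review bot: In the data/CVE/list hunk at @@ -34695, dropping `{DSA-1612-1}` from CVE-2006-2662 (NOT-FOR-US: VMware Server) removes one side of a cross-reference, but the diff does not show the matching side for the id that was actually meant. The CVE-2008-2662 entry in data/CVE/list is not part of this commit, so please confirm that it already carries `{DSA-1612-1}`; otherwise the DSA list and the CVE list still disagree after this change.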
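Review bot: In the data/DSA/list hunk at @@ -2, the replacement line for DSA-1612-1 now lists CVE-2008-2662 twice: once in first position, where it replaced the mistyped CVE-2006-2662, and again in third position, where it was already present. The typo fix should delete the wrong id rather than rewrite it, leaving `{CVE-2008-2376 CVE-2008-2662 CVE-2008-2663 CVE-2008-2664 CVE-2008-2725 CVE-2008-2726}`. A duplicate id in the brace list is harmless at best and may confuse any tooling that counts or cross-checks the ids per advisory.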