thijs at alioth.debian.org
2008-Jul-26 17:28 UTC
[Secure-testing-commits] r9422 - data/CVE
Author: thijs Date: 2008-07-26 17:28:03 +0000 (Sat, 26 Jul 2008) New Revision: 9422 Modified: data/CVE/list Log: add etch r4 issues to tracker Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-07-26 17:09:54 UTC (rev 9421) +++ data/CVE/list 2008-07-26 17:28:03 UTC (rev 9422) @@ -1818,7 +1818,8 @@ NOT-FOR-US: FireFTP CVE-2008-2575 (cbrPager before 0.9.17 allows user-assisted remote attackers to ...) - cbrpager 0.9.17-1 (low; bug #482853) - [etch] - cbrpager <no-dsa> (Minor issue) + [etch] - cbrpager 0.9.14-3+etch1 + NOTE: Minor issue fixed in 4.0r4 point release CVE-2008-XXXX [resizing the monitor with xrandr can crash xscreensaver] - xscreensaver 5.05-3 (unimportant; bug #482385) CVE-2008-2516 (pam_sm_authenticate in pam_pgsql.c in libpam-pgsql 0.6.3 does not ...) @@ -2344,8 +2345,8 @@ NOTE: See CVE-2004-2265, where the problem occured as well CVE-2008-2302 (Cross-site scripting (XSS) vulnerability in the login form in the ...) - python-django 0.96.2-1 (bug #481164; low) - [etch] - python-django <no-dsa> (Minor issue) - TODO: next point release: [etch] - python-django 0.95.1-1etch1 + [etch] - python-django 0.95.1-1etch1 + NOTE: Minor issue fixed in 4.0r4 point release CVE-2008-2162 (Cross-site scripting (XSS) vulnerability in SonicWall Email Security ...) NOT-FOR-US: SonicWall Email Security CVE-2008-2161 (Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly ...) @@ -12485,7 +12486,8 @@ NOT-FOR-US: HP-UX CVE-2007-5007 (Stack-based buffer overflow in the ir_fetch_seq function in balsa ...) - balsa 2.3.20-1 (low) - [etch] - balsa <no-dsa> (Minor issue) + [etch] - balsa 2.3.13-3 + NOTE: Minor issue fixed in 4.0r4 point release [sarge] - balsa <no-dsa> (Minor issue) NOTE: attacker needs to get the victim a prepared server to use CVE-2007-5006 (Multiple command handlers in CA (Computer Associates) BrightStor ...) @@ -19328,7 +19330,8 @@ - proftpd 1.3.0-24 (low) [sarge] - proftpd <no-dsa> (Minor issue) - proftpd-dfsg 1.3.0-24 (low) - [etch] - proftpd-dfsg <no-dsa> (Minor issue) + [etch] - proftpd-dfsg 1.3.0-19etch1 + NOTE: Minor issue Fixed in 4.0r4 point release CVE-2007-2164 (Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial ...) - kdelibs <unfixed> (unimportant) NOTE: Browser crashes are not treated as security problems