Author: nion Date: 2008-08-08 10:09:44 +0000 (Fri, 08 Aug 2008) New Revision: 9538 Modified: data/CVE/list Log: NFUs CVE-2008-3444 non-issue CVE-2008-314[2-4] fixed in python2.4/python2.5 in unstable Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-08-08 09:37:50 UTC (rev 9537) +++ data/CVE/list 2008-08-08 10:09:44 UTC (rev 9538) @@ -68,7 +68,7 @@ CVE-2008-3451 (PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with ...) NOT-FOR-US: PhpWebGallery CVE-2008-3450 (Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 ...) - TODO: check + NOT-FOR-US: Solaris CVE-2008-3449 (MailEnable Professional 3.5.2 and Enterprise 3.52 allow remote ...) NOT-FOR-US: MailEnable CVE-2008-3448 (Cross-site scripting (XSS) vulnerability in index.php in common ...) @@ -80,11 +80,12 @@ CVE-2008-3445 (SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 ...) NOT-FOR-US: phpMyRealty CVE-2008-3444 (The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows ...) - TODO: check + - iceweasel <unfixed> (unimportant) + NOTE: browser dos not treated as security issues CVE-2008-3443 RESERVED CVE-2008-3442 (WinZip before 11.0 does not properly verify the authenticity of ...) - TODO: check + NOT-FOR-US: WinZip CVE-2008-3441 (Nullsoft Winamp before 5.24 does not properly verify the authenticity ...) NOT-FOR-US: Nullsoft Winamp CVE-2008-3440 (Sun Java before 1.6.0_03 does not properly verify the authenticity of ...) @@ -725,11 +726,14 @@ CVE-2008-3146 RESERVED CVE-2008-3144 (Multiple integer overflows in the PyOS_vsnprintf function in ...) - TODO: check + - python2.4 2.4.5-5 + - python2.5 2.5.2-7 CVE-2008-3143 (Multiple integer overflows in Python before 2.5.2 might allow ...) - TODO: check + - python2.4 2.4.5-1 + - python2.5 2.5.2-1 CVE-2008-3142 (Multiple buffer overflows in Python 2.5.2 and earlier on 32bit ...) - TODO: check + - python2.5 2.5.2-10 + - python2.4 2.4.5-5 CVE-2008-3136 (SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x ...) NOT-FOR-US: AShop Delux CVE-2008-3135 (Soldner Secret Wars 33724 and earlier allows remote attackers to cause ...)