jmm-guest at alioth.debian.org
2008-Oct-04 12:49 UTC
[Secure-testing-commits] r9993 - data/CVE
Author: jmm-guest
Date: 2008-10-04 12:49:05 +0000 (Sat, 04 Oct 2008)
New Revision: 9993
Modified:
data/CVE/list
Log:
Lenny triage:
- older kernel issue fixed
- kfreebsd still unsupported in Lenny
- ffmpeg crasher unimportant
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-10-04 10:44:30 UTC (rev 9992)
+++ data/CVE/list 2008-10-04 12:49:05 UTC (rev 9993)
@@ -2825,8 +2825,9 @@
CVE-2008-3231 (xine before 1.1.5 allows user-assisted attackers to cause a
denial of ...)
- xine-lib 1.1.14-2 (bug #492870; low)
CVE-2008-3230 (The ffmpeg lavf demuxer allows user-assisted attackers to cause
a ...)
- - ffmpeg-debian <unfixed> (low; bug #498764)
+ - ffmpeg-debian <unfixed> (unimportant; bug #498764)
- ffmpeg <removed>
+ NOTE: Only a NULL pointer deference, hardly security relevant
CVE-2008-3228 (Joomla! before 1.5.4 does not configure .htaccess to apply
certain ...)
- joomla <itp> (bug #326398)
CVE-2008-3227 (Unspecified vulnerability in Joomla! before 1.5.4 has unknown
impact ...)
@@ -7708,17 +7709,23 @@
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported)
- kfreebsd-6 <unfixed>
+ [lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 <unfixed> (bug #483152)
+ [lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
CVE-2008-1147 (A certain pseudo-random number generator (PRNG) algorithm that
uses ...)
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported)
- kfreebsd-6 <unfixed>
+ [lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 <unfixed> (bug #483152)
+ [lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
CVE-2008-1146 (A certain pseudo-random number generator (PRNG) algorithm that
uses ...)
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported)
- kfreebsd-6 <unfixed> (bug #483152)
+ [lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 <unfixed> (bug #483152)
+ [lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
CVE-2008-1144 (The Marvell driver for the Netgear WN802T Wi-Fi access point
with ...)
NOT-FOR-US: Marvell driver for the Netgear WN802T Wi-Fi access point
CVE-2008-1143
@@ -18468,7 +18475,7 @@
NOTE: Only DoS by memleaks or double-frees, not treated as security problems
CVE-2007-3740 (The CIFS filesystem in the Linux kernel before 2.6.22, when Unix
...)
{DSA-1504-1 DSA-1378-2 DSA-1378-1}
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.22
CVE-2007-3739 (mm/mmap.c in the hugetlb kernel, when run on PowerPC systems,
does not ...)
{DSA-1504-1 DSA-1378-2 DSA-1378-1}
- linux-2.6 2.6.20-1