nion at alioth.debian.org
2008-Oct-07 11:48 UTC
[Secure-testing-commits] r10027 - data/CVE
Author: nion Date: 2008-10-07 11:48:07 +0000 (Tue, 07 Oct 2008) New Revision: 10027 Modified: data/CVE/list Log: libxml2 not affected by CVE-2008-4409 Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-07 11:41:25 UTC (rev 10026) +++ data/CVE/list 2008-10-07 11:48:07 UTC (rev 10027) @@ -123,7 +123,8 @@ - linux-2.6 <unfixed> TODO: report bug CVE-2008-4409 (libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities ...) - TODO: check + - libxml2 <not-affected> (Vulnerable code not present, introduced in 2.7.0) + TODO: check again if >= 2.7 gets uploaded CVE-2008-4406 (A certain Debian patch to the run scripts for sabre (aka xsabre) ...) - sabre 0.2.4b-25 (low; bug #433996) [etch] - sabre <no-dsa> (Game not qualified as multi-user system, thus minor issue)