white at alioth.debian.org
2008-Oct-28 11:54 UTC
[Secure-testing-commits] r10187 - data/CVE
Author: white Date: 2008-10-28 11:54:29 +0000 (Tue, 28 Oct 2008) New Revision: 10187 Modified: data/CVE/list Log: Add information to these Adobe Flash issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-28 09:13:46 UTC (rev 10186) +++ data/CVE/list 2008-10-28 11:54:29 UTC (rev 10187) @@ -426,7 +426,9 @@ CVE-2008-4547 (Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX control ...) NOT-FOR-US: DVRHOST Web CMS CVE-2008-4546 (Adobe Flash Player 9.0.45.0, 9.0.112.0, 9.0.124.0, and 10.0.12.10 ...) - TODO: check + - flashplugin-nonfree <unfixed> + [etch] - flashplugin-nonfree <no-dsa> (Contrib not supported) + [lenny] - flashplugin-nonfree <no-dsa> (Contrib not supported) CVE-2008-4558 (Array index error in VLC media player 0.9.2 allows remote attackers to ...) - vlc <not-affected> (medium; bug #502314) TODO: only 0.9.0->0.9.2 are affected, check if newer upstream version is uploaded to unstable @@ -731,7 +733,9 @@ - aegis <unfixed> (unimportant; bug #496402) NOTE: Only present in example scripts CVE-2008-4401 (ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not ...) - TODO: check + - flashplugin-nonfree 1.7.2 + [etch] - flashplugin-nonfree <no-dsa> (Contrib not supported) + [lenny] - flashplugin-nonfree <no-dsa> (Contrib not supported) CVE-2008-4400 (Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup ...) NOT-FOR-US: CA ARCserve Backup CVE-2008-4399 (Unspecified vulnerability in the database engine service in ...)