Secure testing commits - Oct 2008 - r10198 - data/CVE

Author: white
Date: 2008-10-29 10:25:58 +0000 (Wed, 29 Oct 2008)
New Revision: 10198

Modified:
   data/CVE/list
Log:
New libgadu issue, remote DoS in lib used by messanging clients, low issue;
lazarus unimportant  as the script is not actively used by users and not
automatically invoked

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-10-29 09:47:02 UTC (rev 10197)
+++ data/CVE/list	2008-10-29 10:25:58 UTC (rev 10198)
@@ -1,3 +1,6 @@
+CVE-2008-4776 [libgadu: DoS via a contact description with a large length]
+	- libgadu <unfixed> (low; bug #503916)
+	[etch] - libgadu <no-dsa> (DoS in messanging client is rather low
priority)
 CVE-2008-4769 (Directory traversal vulnerability in the get_category_template
...)
 	- wordpress 2.5.1-1
 CVE-2008-4768 (SQL injection vulnerability in TLM CMS 3.1 allows remote
attackers to ...)
@@ -2511,7 +2514,7 @@
 	- vdr 1.6.0-6 (low; bug #496421)
 	[etch] - vdr <not-affected> (Vulnerable code not present)
 CVE-2008-XXXX [lazarus: insecure temp file]
-	- lazarus 0.9.24-0-11 (low; bug #496377)
+	- lazarus 0.9.24-0-11 (unimportant; bug #496377)
 CVE-2008-XXXX [crossfire-maps: insecure temp file]
 	- crossfire-maps 1.11.0-2 (low; bug #496358)
 	[etch] - crossfire-maps <no-dsa> (Minor issue)