atomo64-guest at alioth.debian.org
2008-Nov-05 22:16 UTC
[Secure-testing-commits] r10290 - data/CVE
Author: atomo64-guest Date: 2008-11-05 22:16:12 +0000 (Wed, 05 Nov 2008) New Revision: 10290 Modified: data/CVE/list Log: The php-geshi issue has been fixed, processed some windows-specific CVEs Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-05 21:14:10 UTC (rev 10289) +++ data/CVE/list 2008-11-05 22:16:12 UTC (rev 10290) @@ -7,7 +7,7 @@ CVE-2008-4928 (Cross-site scripting (XSS) vulnerability in the redirect function in ...) TODO: check CVE-2008-4927 (Microsoft Windows Media Player (WMP) 9.0 through 11 allows ...) - TODO: check + NOT-FOR-US: Microsoft Windows Media Player CVE-2008-4926 (Multiple insecure method vulnerabilities in MW6 Technologies PDF417 ...) TODO: check CVE-2008-4925 (Multiple insecure method vulnerabilities in MW6 Technologies ...) @@ -17,7 +17,7 @@ CVE-2008-4923 (Multiple insecure method vulnerabilities in MW6 Technologies Aztec ...) TODO: check CVE-2008-4922 (Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office ...) - TODO: check + NOT-FOR-US: DjVu ActiveX CVE-2008-4921 (board/admin/reguser.php in Chipmunk CMS 1.3 allows remote attackers to ...) TODO: check CVE-2008-4920 (Directory traversal vulnerability in Agavi 1.0.0 beta 5 and earlier ...) @@ -111,7 +111,7 @@ - dovecot <not-affected> (Vulnerable code not present prior to 1.1.4) TODO: check again if >= 1.1.4 gets uploaded CVE-2008-XXXX [GeSHi: Unspecified Code Execution Vulnerability] - - php-geshi <unfixed> (bug #504445) + - php-geshi 1.0.8.1-1 (bug #504445) NOTE: This is SA32559, no CVE yet TODO: check if version in stable is also affected, which is very likely CVE-2008-6432