jmm-guest at alioth.debian.org
2008-Nov-21 11:56 UTC
[Secure-testing-commits] r10450 - data/CVE
Author: jmm-guest Date: 2008-11-21 11:56:02 +0000 (Fri, 21 Nov 2008) New Revision: 10450 Modified: data/CVE/list Log: streamripper fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-21 09:14:16 UTC (rev 10449) +++ data/CVE/list 2008-11-21 11:56:02 UTC (rev 10450) @@ -604,8 +604,6 @@ - geshi 1.0.8.1-1 (unimportant; bug #504445) NOTE: its rather an application bug if the input to set_language_path is unfiltered user input NOTE: http://comments.gmane.org/gmane.comp.security.oss.general/1152 - [lenny] - geshi <no-dsa> (Should be sanitised from the app using geshi) - [etch] - geshi <no-dsa> (Should be sanitised from the app using geshi) - dokuwiki 0.0.20080505-3.1 (unimportant; bug #504682) NOTE: DokuWiki passes a static string to $path parameter - pgfouine 1.0-1.1 (unimportant; bug #504681) @@ -737,8 +735,7 @@ CVE-2008-4830 RESERVED CVE-2008-4829 [Streamripper Multiple Buffer Overflow Vulnerabilities] - RESERVED - - streamripper <unfixed> (bug #506377) + - streamripper 1.63.5-2 (bug #506377) NOTE: http://secunia.com/secunia_research/2008-50/ TODO: check version in etch CVE-2008-4828