Author: sf Date: 2008-11-29 22:54:25 +0000 (Sat, 29 Nov 2008) New Revision: 10537 Modified: data/CVE/list Log: new valgrind issue new linux issues NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-29 22:19:32 UTC (rev 10536) +++ data/CVE/list 2008-11-29 22:54:25 UTC (rev 10537) @@ -156,7 +156,8 @@ - cups 1.3.8-1 TODO: check if version in etch is affected CVE-2008-5182 (The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might ...) - TODO: check + - linux-2.6 <unfixed> + [etch] - linux-2.6.24 <unfixed> CVE-2008-5181 (Microsoft Communicator allows remote attackers to cause a denial of ...) NOT-FOR-US: Microsoft Communicator CVE-2008-5180 (Microsoft Communicator allows remote attackers to cause a denial of ...) @@ -282,7 +283,8 @@ CVE-2008-5135 (** DISPUTED ** ...) - os-prober <unfixed> (unimportant) CVE-2008-5134 (Buffer overflow in the lbs_process_bss function in ...) - TODO: check + - linux-2.6 <unfixed> + [etch] - linux-2.6.24 <unfixed> CVE-2008-5133 (ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, ...) NOT-FOR-US: ipnat CVE-2008-5183 (cupsd in CUPS before 1.3.8 allows local users, and possibly remote ...) @@ -333,7 +335,7 @@ CVE-2008-5111 (Unspecified vulnerability in the socket function in Sun Solaris 10 and ...) NOT-FOR-US: Solaris CVE-2008-5109 (The default configuration of Adobe Flash Media Server (FMS) 3.0 does ...) - TODO: check + NOT-FOR-US: Adobe Flash CVE-2008-5108 (Unspecified vulnerability in Adobe AIR 1.1 and earlier allows ...) NOT-FOR-US: Adobe AIR CVE-2008-5107 (The installation process for Citrix Presentation Server 4.5 and ...) @@ -854,7 +856,7 @@ - gstreamer0.10-ffmpeg 0.10.3-2 [etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present) CVE-2008-4865 (Untrusted search path vulnerability in valgrind allows local users to ...) - TODO: check + - valgrind <unfixed> (low; bug filed) CVE-2008-4864 (Multiple integer overflows in imageop.c in the imageop module in ...) - python2.5 2.5.2-12 (bug #504619) - python2.4 2.4.5-6 (bug #504620) @@ -952,15 +954,15 @@ CVE-2008-4818 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player ...) TODO: check CVE-2008-4817 (The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 ...) - TODO: check + NOT-FOR-US: Adobe Acrobat CVE-2008-4816 (Unspecified vulnerability in the Download Manager in Adobe Reader ...) NOT-FOR-US: Adobe Reader on Windows CVE-2008-4815 (Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 ...) - TODO: check + NOT-FOR-US: Adobe Acrobat CVE-2008-4814 (Unspecified vulnerability in a JavaScript method in Adobe Reader and ...) - TODO: check + NOT-FOR-US: Adobe Acrobat CVE-2008-4813 (Adobe Reader and Acrobat 8.1.2 and earlier allow remote attackers to ...) - TODO: check + NOT-FOR-US: Adobe Acrobat CVE-2008-4812 (Array index error in Adobe Reader and Acrobat, and the Explorer ...) NOT-FOR-US: Adobe Reader Explorer extension CVE-2008-4811 (The _expand_quoted_text function in libs/Smarty_Compiler.class.php in ...)