jmm-guest at alioth.debian.org
2009-Jan-08 20:06 UTC
[Secure-testing-commits] r10893 - data/CVE
Author: jmm-guest Date: 2009-01-08 20:06:49 +0000 (Thu, 08 Jan 2009) New Revision: 10893 Modified: data/CVE/list Log: older ktorrent issues don''t affect Etch Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-01-08 10:59:56 UTC (rev 10892) +++ data/CVE/list 2009-01-08 20:06:49 UTC (rev 10893) @@ -14,7 +14,7 @@ CVE-2008-5842 (Multiple cross-site scripting (XSS) vulnerabilities in Fujitsu-Siemens ...) NOT-FOR-US: Fujitsu-Siemens WebTransactions CVE-2004-2761 (The MD5 Message-Digest Algorithm is not collision resistant, which ...) - TODO: check + NOT-FOR-US: General MD5 weakness, doesn''t need to tracked package-wise CVE-2008-XXXX [auctex insecure temp file] - auctex 11.83-7.3 (bug #506961) CVE-2008-5841 (Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier ...) @@ -1461,7 +1461,7 @@ - mediawiki 1:1.13.3-1 (bug #508869) CVE-2008-5249 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.0 through ...) - mediawiki <not-affected> (vulnerable code was introduced in 1.13.0) - TODO: [experimental] - mediawiki 1:1.13.3-1 (bug #508868) + NOTE: Fixed for the 1.13 branch in experimental: 1:1.13.3-1, bug #508868 CVE-2008-5276 (Integer overflow in the ReadRealIndex function in real.c in the Real ...) - vlc <not-affected> (vulnerable code not present) NOTE: affected versions are >= 0.9.x (experimental) @@ -2498,6 +2498,8 @@ CVE-2008-XXXX [ktorrent issues] - ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178) - ktorrent 3.1.4+dfsg.1-1 + [etch] - ktorrent <not-affected> (Doesn''t include the web interface) + NOTE: CVE requested CVE-2008-XXXX [epiphany-browser: Python scripts load modules from current directory] - epiphany-browser 2.22.3-7 (bug #504363; low) [etch] - epiphany-browser <no-dsa> (Minor issue, only vulnerable when called from certain dir)