nion at alioth.debian.org
2009-Jan-17 18:32 UTC
[Secure-testing-commits] r10982 - data/CVE
Author: nion Date: 2009-01-17 18:32:38 +0000 (Sat, 17 Jan 2009) New Revision: 10982 Modified: data/CVE/list Log: cveified amarok Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-01-17 18:20:49 UTC (rev 10981) +++ data/CVE/list 2009-01-17 18:32:38 UTC (rev 10982) @@ -1,3 +1,7 @@ +CVE-2009-0135 [amarok: integer overflows in aa file processing] + - amarok 1.4.10-2 (medium) +CVE-2009-0136 [amarok: index error leading to memory corruption] + - amarok 1.4.10-2 (medium) CVE-2009-0133 (Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier ...) NOT-FOR-US: Microsoft HTML Help Workshop CVE-2009-0132 (Integer overflow in the aio_suspend function in Sun Solaris 8 through ...) @@ -102,8 +106,6 @@ CVE-2009-XXXX [amaya: stack based buffer overflow] - amaya <unfixed> (medium; bug #507587) NOTE: different vector than described in CVE-2008-5282, see 507587#15 -CVE-2009-XXXX [amarok: integer overflow in aa file processing] - - amarok 1.4.10-2 (medium) CVE-2009-XXXX [openslp: insecure cert validation through openssl api misuse] - openslp-dfsg <not-affected> (Debian''s openslp doesn''t build with SSL support) CVE-2009-0114