Author: nion Date: 2009-05-05 14:42:28 +0000 (Tue, 05 May 2009) New Revision: 11794 Modified: data/CVE/list Log: - new kfreebsd-7 issue doesn''t affect us - CVE-2009-14[15-17] fixed ingnutls26 2.6.6-1, -15 and -16 don''t affect etch/lenny Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-05-05 14:28:10 UTC (rev 11793) +++ data/CVE/list 2009-05-05 14:42:28 UTC (rev 11794) @@ -242,7 +242,7 @@ CVE-2009-1437 (Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka ...) NOT-FOR-US: CoolPlayer CVE-2009-1436 (The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and ...) - TODO: check + - kfreebsd-7 <not-affected> (kfreebsd uses a different libc version) CVE-2009-1435 (NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 ...) NOT-FOR-US: Trend Micro OfficeScan CVE-2009-1434 (Cross-site request forgery (CSRF) vulnerability in Foswiki before ...) @@ -288,11 +288,15 @@ CVE-2009-1418 RESERVED CVE-2009-1417 (gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and ...) - TODO: check + - gnutls26 2.6.6-1 (medium) CVE-2009-1416 (lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates ...) - TODO: check + - gnutls26 2.6.6-1 (medium) + [lenny] - gnutls26 <not-affected> (Vulnerable code not present) + [etch] - gnutls26 <not-affected> (Vulnerable code not present) CVE-2009-1415 (lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not ...) - TODO: check + - gnutls26 2.6.6-1 (medium) + [lenny] - gnutls26 <not-affected> (Vulnerable code not present) + [etch] - gnutls26 <not-affected> (Vulnerable code not present) CVE-2009-1414 (Google Chrome 2.0.x lets modifications to the global object persist ...) - chromium-browser <itp> (bug #520324) CVE-2009-1413 (Google Chrome 1.0.x does not cancel timeouts upon a page transition, ...)