Author: derevko-guest Date: 2009-05-06 13:55:50 +0000 (Wed, 06 May 2009) New Revision: 11814 Modified: data/CVE/list Log: etch version of libmodplug not affected by libmodplug buffer overflow in PAT sampler gst-plugins-bad0.10 in testing and unstable builds against an external libmodplug. gst-plugins-bad0.10 in stable and oldstable: Vulnerable code not present Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-05-06 13:07:25 UTC (rev 11813) +++ data/CVE/list 2009-05-06 13:55:50 UTC (rev 11814) @@ -36,8 +36,10 @@ NOTE: CVE id requested CVE-2009-XXXX [libmodplug buffer overflow in PAT sampler] - libmodplug <unfixed> (medium; bug #526084) - - gst-plugins-bad0.10 <unfixed> (medium; bug #527077) + - gst-plugins-bad0.10 <not-affected> (Vulnerable code not present; bug #527077) + [etch] - libmodplug <not-affected> (Vulnerable code not present) NOTE: CVE id requested on oss-sec + NOTE: gst-plugins-bad0.10 in testing and unstable builds against an external libmodplug. CVE-2009-XXXX [clamav milter init script "typo"] - clamav <not-affected> (Vulnerable code not present) NOTE: from what I see this code was never uploaded to the debian archive