Author: fw
Date: 2009-05-09 19:22:03 +0000 (Sat, 09 May 2009)
New Revision: 11857
Modified:
data/CVE/list
data/DSA/list
Log:
more cleanups
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-05-09 19:16:26 UTC (rev 11856)
+++ data/CVE/list 2009-05-09 19:22:03 UTC (rev 11857)
@@ -18403,7 +18403,6 @@
CVE-2008-0657 (Multiple unspecified vulnerabilities in the Java Runtime
Environment ...)
- sun-java6 6-02-1
- sun-java5 1.5.0-14-1
- [etch] - sun-java5 <no-dsa> (Non-free not supported)
[etch] - sun-java5 1.5.0-14-1etch1
CVE-2008-0656 (Unrestricted file upload vulnerability in dmclTrace.jsp in EMC
...)
NOT-FOR-US: Documentum Administrator and Webtop
@@ -19320,7 +19319,6 @@
CVE-2007-6688 (Unspecified vulnerability in the Installation application in
Menalto ...)
- gallery <not-affected> (Vulnerable code not present)
- gallery2 2.2.4-1 (bug #457644)
- - gallery <not-affected> (Vulnerable code not present)
CVE-2007-6687 (Multiple cross-site scripting (XSS) vulnerabilities in Menalto
Gallery ...)
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
@@ -30441,12 +30439,10 @@
CVE-2007-2789 (The BMP image parser in Sun Java Development Kit (JDK) before
...)
- sun-java5 1.5.0-11-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- [etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-01-1 (bug #422403)
CVE-2007-2788 (Integer overflow in the embedded ICC profile image parser in Sun
Java ...)
- sun-java5 1.5.0-11-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- [etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-01-1 (bug #422403)
CVE-2007-2787 (Stack-based buffer overflow in the BrowseDir function in the (1)
...)
NOT-FOR-US: LeadTools Raster Thumbnail Object Library
@@ -40284,7 +40280,6 @@
- iceweasel 2.0+dfsg-1 (high)
- icedove 1.5.0.8-1 (medium)
- mozilla <unfixed> (medium)
- [sarge] - mozilla <not-affected> (Vulnerable code not present)
- xulrunner 1.5.0.8-1 (high)
- mozilla-firefox <removed>
- mozilla-thunderbird <removed>
@@ -42245,7 +42240,6 @@
NOT-FOR-US: IBM Lotus Domino
CVE-2006-4842 (The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as
used in ...)
- xulrunner 1.8.0.9-1 (low; bug #405062)
- [sarge] - mozilla <unfixed> (low)
[sarge] - mozilla <no-dsa> (Minor issue)
NOTE: could not find setuid binary in sid, but evolution-data-server has a
setgid mail binary
NOTE: see https://bugzilla.mozilla.org/show_bug.cgi?id=351470
@@ -67351,10 +67345,7 @@
NOT-FOR-US: CubeCert
CVE-2005-0605 (scan.c for LibXPM may allow attackers to execute arbitrary code
via a ...)
{DSA-723-1}
- NOTE: lesstif2
- - lesstif1-1 1:0.93.94-11.1 (bug #298183; bug #299236)
- NOTE: lesstif1
- - lesstif1-1 1:0.93.94-11.3 (bug #300421)
+ - lesstif2 1:0.93.94-11.1 (bug #298183; bug #299236)
NOTE: libxmp4 is the real culprit
- xfree86 4.3.0.dfsg.1-13
- xorg-x11 <not-affected> (Fixed before upload into archive)
@@ -74704,7 +74695,6 @@
CVE-2003-0204 (KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to
...)
{DSA-296 DSA-293 DSA-284}
- kdebase 4:3.1.0-1
- - kdebase 4:3.1.0-1
- kdegraphics 4:3.1.0-1
CVE-2003-0203 (Buffer overflow in moxftp 2.2 and earlier allows remote
malicious FTP ...)
{DSA-281}
Modified: data/DSA/list
==================================================================---
data/DSA/list 2009-05-09 19:16:26 UTC (rev 11856)
+++ data/DSA/list 2009-05-09 19:22:03 UTC (rev 11857)
@@ -5293,7 +5293,6 @@
[woody] - kernel-source-2.4.18 2.4.18-13
[woody] - kernel-image-2.4.18-1-i386 2.4.18-11
[woody] - kernel-image-2.4.18-i386bf 2.4.18-5woody4
- [woody] - kernel-source-2.4.18 2.4.18-13
[woody] - kernel-image-2.4.18-1-alpha 2.4.18-10.
[31 Jul 2003] DSA-357 wu-ftpd - remote root exploit
{CVE-2003-0466}