Author: gilbert-guest Date: 2009-07-05 19:15:23 +0000 (Sun, 05 Jul 2009) New Revision: 12278 Modified: data/CVE/list Log: tracking some new minor issues; most not severe enough to warrant a dsa Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-07-05 18:42:02 UTC (rev 12277) +++ data/CVE/list 2009-07-05 19:15:23 UTC (rev 12278) @@ -1,3 +1,16 @@ +CVE-2009-XXXX [xscreensaver: symlink attack enables local information disclosure] + - xscreensaver <not-affected> (does not run setuid in debian) + NOTE: http://bugs.debian.org/535870 +CVE-2009-XXXX [libdkim: signature parsing is not thread-safe] + - libdkim <unfixed> (low; bug #532740) +CVE-2009-XXXX [libsndfile: potential dos via crafted input] + - libsndfile <unfixed> (low; bug #530831) + [etch] - libsndfile <no-dsa> (minor issue) + [lenny] - libsndfile <no-dsa> (minor issue) +CVE-2009-XXXX [mimedecode: potential dos/crash due to invalid input] + - mimedecode <unfixed> (low; bug #530430) + [etch] - mimedecode <no-dsa> (minor issue) + [lenny] - mimedecode <no-dsa> (minor issue) CVE-2009-XXXX [stardict: potential to broadcast clipboard contents across internet] - stardict <unfixed> (low; bug #534731) CVE-2009-2313 (Directory traversal vulnerability in index.php in Jinzora Media ...)