thr3ads.net - Secure testing commits - [Secure-testing-commits] r12552

If this information is useful, please help other people find it:
Share via:

Nico Golde

2009-Aug-10 18:09 UTC

[Secure-testing-commits] r12552 - data/CVE

Author: nion
Date: 2009-08-10 18:09:16 +0000 (Mon, 10 Aug 2009)
New Revision: 12552

Modified:
   data/CVE/list
Log:
add new libxml issues (CVE-2009-2416, CVE-2009-2414)

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-08-10 17:06:45 UTC (rev 12551)
+++ data/CVE/list	2009-08-10 18:09:16 UTC (rev 12552)
@@ -961,8 +961,10 @@
 	RESERVED
 CVE-2009-2417
 	RESERVED
-CVE-2009-2416
+CVE-2009-2416 [libxml2 pointer-user-after-free]
 	RESERVED
+	- libxml2 <unfixed> (low; bug #540865)
+	[etch] - libxml <unfixed>
 CVE-2009-2415 [heap-based buffer overflow in memcached]
 	RESERVED
 	{DSA-1853-1}
@@ -971,8 +973,10 @@
 	NOTE: the impact varies, on etch this runs as root and is not bound
 	NOTE: to the loopback interface by default, memcached is even distributed
 	NOTE: but fortunately not in a stable release.
-CVE-2009-2414
+CVE-2009-2414 [libxml2 stack recursion]
 	RESERVED
+	- libxml2 <unfixed> (medium; bug #540865)
+	[etch] - libxml <unfixed>
 CVE-2009-2413
 	RESERVED
 CVE-2009-2412 (Multiple integer overflows in the Apache Portable Runtime (APR)
...)

Secure testing commits - Aug 2009 - r12552 - data/CVE

[Secure-testing-commits] r12552 - data/CVE