Author: geissert
Date: 2009-10-24 18:23:19 +0000 (Sat, 24 Oct 2009)
New Revision: 13087
Modified:
data/CVE/list
Log:
oo.o issues update as per email by maintainer
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-10-24 13:23:29 UTC (rev 13086)
+++ data/CVE/list 2009-10-24 18:23:19 UTC (rev 13087)
@@ -1208,8 +1208,7 @@
CVE-2009-3240 (Cross-site scripting (XSS) vulnerability in the Happy Linux
XF-Section ...)
NOT-FOR-US: module for XOOPS
CVE-2009-3239 (Buffer overflow in the EMF parser implementation in
OpenOffice.org ...)
- - openoffice.org <unfixed>
- TODO: check
+ NOTE: dup of CVE-2009-2139 and CVE-2009-2140, reported to mitre
CVE-2009-3238 (The get_random_int function in drivers/char/random.c in the
Linux ...)
- linux-2.6 2.6.30-1 (low)
- linux-2.6.24 <removed> (low)
@@ -4953,8 +4952,7 @@
CVE-2008-6833 (Directory traversal vulnerability in commsrss.php in fuzzylime
(cms) ...)
NOT-FOR-US: fuzzylime
CVE-2009-2140 (Multiple heap-based buffer overflows in ...)
- - openoffice.org <unfixed>
- TODO: check
+ - openoffice.org <not-affected> (bug introduced by a patch not applied
to the deb)
CVE-2009-2139 (Heap-based buffer overflow in
svtools/source/filter.vcl/wmf/enhwmf.cxx ...)
{DSA-1880-1}
- openoffice.org 1:3.1.1~ooo310m15-1