Author: gilbert-guest Date: 2009-12-13 16:37:52 +0000 (Sun, 13 Dec 2009) New Revision: 13541 Modified: data/CVE/list data/embedded-code-copies Log: some expat updates Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-12-13 15:37:41 UTC (rev 13540) +++ data/CVE/list 2009-12-13 16:37:52 UTC (rev 13541) @@ -4,6 +4,7 @@ - gif2png 2.5.2-1 (low; bug #550978) [etch] - gif2png <no-dsa> (minor issue) [lenny] - gif2png <no-dsa> (minor issue) + TODO: recheck (see bug) CVE-2009-XXXX [browser-based css info disclosure] - xulrunner <unfixed> (low; bug #560108) - webkit <unfixed> (low; bug #560870) @@ -1501,7 +1502,7 @@ [lenny] - tdom <no-dsa> (minor issue) - udunits <unfixed> (low; bug #560922) - apr-util <not-affected> (links to system expat) - - ayttm <unfixed> (low; bug #560924) + - ayttm 0.6.1-2 (low; bug #560924) [etch] - ayttm <no-dsa> (minor issue) [lenny] - ayttm <no-dsa> (minor issue) - cableswig <unfixed> (low; bug #560925) @@ -1510,9 +1511,8 @@ - cadaver <unfixed> (low; bug #560926) [etch] - cadaver <no-dsa> (minor issue) [lenny] - cadaver <no-dsa> (minor issue) - - cmake <unfixed> (low; bug #560927) + - cmake 2.6.0-6 (low; bug #560927) [etch] - cmake <no-dsa> (minor issue) - [lenny] - cmake <no-dsa> (minor issue) - coin3 <unfixed> (low; bug #560928) - gdcm <unfixed> (low; bug #560929) - ghostscript <unfixed> (low; bug #560930) @@ -1998,7 +1998,7 @@ CVE-2009-3561 (Directory traversal vulnerability in Xerver HTTP Server 4.32 allows ...) NOT-FOR-US: Xerver HTTP Server CVE-2009-3560 (The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, ...) - - expat <unfixed> (low; bug #560901) + - expat 2.0.1-6 (low; bug #560901) - w3c-libwww <removed> [etch] - w3c-libwww <no-dsa> (Minor issue, only used by fringe apps) - python-xml <removed> (low; bug #560951) @@ -2032,7 +2032,7 @@ [lenny] - tdom <no-dsa> (minor issue) - udunits <unfixed> (low; bug #560922) - apr-util <not-affected> (links to system expat) - - ayttm <unfixed> (low; bug #560924) + - ayttm 0.6.1-2 (low; bug #560924) [etch] - ayttm <no-dsa> (minor issue) [lenny] - ayttm <no-dsa> (minor issue) - cableswig <unfixed> (low; bug #560925) @@ -2041,9 +2041,8 @@ - cadaver <unfixed> (low; bug #560926) [etch] - cadaver <no-dsa> (minor issue) [lenny] - cadaver <no-dsa> (minor issue) - - cmake <unfixed> (low; bug #560927) + - cmake 2.6.0-6 (low; bug #560927) [etch] - cmake <no-dsa> (minor issue) - [lenny] - cmake <no-dsa> (minor issue) - coin3 <unfixed> (low; bug #560928) - gdcm <unfixed> (low; bug #560929) - ghostscript <unfixed> (low; bug #560930) Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2009-12-13 15:37:41 UTC (rev 13540) +++ data/embedded-code-copies 2009-12-13 16:37:52 UTC (rev 13541) @@ -1081,8 +1081,8 @@ - w3c-libwww <removed> (embed; bug #551941) [etch] - w3c-libwww <unfixed> (embed; bug #551941) [./modules/expat/*] - python-xml <unfixed> (embed; bug #551940) [./extensions/expat/*] - - python2.5 <unfixed> (embed; bug #553403) [./Modules/expat/*] - - python2.4 <unfixed> (embed; bug #553403) + - python2.5 <unfixable> (embed; bug #553403) [./Modules/expat/*] + - python2.4 <unfixable> (embed; bug #553403) - python-4suite <unfixed> (embed; bug #516935) - wxwindows2.4 <removed> (embed) - wxwidgets2.6 <unfixed> (embed) @@ -1093,10 +1093,10 @@ - tdom <unfixed> (embed) - udunits <unfixed> (embed) - apr-util 1.2 (embed) - - ayttm <unfixed> (embed) + - ayttm <unfxed> (embed; bug #561006) - cableswig <unfixed> (embed) - cadaver <unfixed> (embed) - - cmake <unfixed> (embed) + - cmake 2.6.0-6 (embed) - coin3 <unfixed> (embed) - gdcm <unfixed> (embed) - ghostscript <unfixed> (embed) @@ -1549,7 +1549,7 @@ - guile-1.6 <unfixed> (embed) - hamlib <unfixed> (embed) - hercules <unfixed> (embed) - - jags <unfixed> (embed; bug #560864) + - jags 1.0.4-3 (embed; bug #560864) - kdelibs <unfixed> (embed) - libannodex <removed> (embed) - libextractor <unfixed> (embed)