Author: jmm-guest Date: 2009-12-19 21:34:50 +0000 (Sat, 19 Dec 2009) New Revision: 13607 Modified: data/CVE/list data/embedded-code-copies Log: more updates on embedded code copies Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-12-19 21:20:09 UTC (rev 13606) +++ data/CVE/list 2009-12-19 21:34:50 UTC (rev 13607) @@ -1667,7 +1667,6 @@ - bochs <not-affected> (additional hardening in this package prevents this type of attack; bug #559799) - camserv <unfixed> (low; bug #559800) - collectd <unfixed> (low; bug #559801) - - courier-authlib <unfixed> (low; bug #559802) - cvsnt <unfixed> (low; bug #559803) - ggobi 2.1.9~20091212-1 (low; bug #559806) [etch] - ggobi <no-dsa> (Minor issue) @@ -1679,7 +1678,9 @@ - graphicsmagick 1.3.5-6 (low; bug #559811) [lenny] - graphicsmagick <no-dsa> (Minor issue, can be fixed along with later updates) [etch] - graphicsmagick <no-dsa> (Minor issue, can be fixed along with later updates) - - guile-1.6 <unfixed> (low; bug #559813) + - guile-1.6 1.6.8-7 (low; bug #559813) + [etch] - guile-1.6 <no-dsa> (Minor issue) + [lenny] - guile-1.6 <no-dsa> (Minor issue) - hamlib <unfixed> (low; bug #559814) - hercules <unfixed> (low; bug #559815) - jags 1.0.4-1 (low; bug #559816) @@ -1850,7 +1851,7 @@ - vnc4 <unfixed> (low; bug #560949) [etch] - vnc4 <no-dsa> (minor issue) [lenny] - vnc4 <no-dsa> (minor issue) - - xotcl <unfixed> (low; bug #560952) + - xotcl <unfixed> (low; bug #560950) [lenny] - xotcl <no-dsa> (minor issue) CVE-2009-3719 (Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog ...) NOT-FOR-US: Battle Blog @@ -2354,7 +2355,7 @@ - vnc4 <unfixed> (low; bug #560949) [etch] - vnc4 <no-dsa> (minor issue) [lenny] - vnc4 <no-dsa> (minor issue) - - xotcl <unfixed> (low; bug #560952) + - xotcl <unfixed> (low; bug #560950) [lenny] - xotcl <no-dsa> (minor issue) CVE-2009-3559 (** DISPUTED ** ...) - php5 <unfixed> (unimportant) Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2009-12-19 21:20:09 UTC (rev 13606) +++ data/embedded-code-copies 2009-12-19 21:34:50 UTC (rev 13607) @@ -1535,7 +1535,8 @@ - bochs <unfixed> (embed; bug #560884) - camserv <unfixed> (embed) - collectd <unfixed> (embed) - - courier-authlib <unfixed> (embed) + - courier-authlib 0.58-4 (embed) + NOTE: The etch version of courier-authlib was the earliest version checked, might be fixed earlier - cvsnt <unfixed> (embed) - dico <not-affected> (Uses the system copy of ltdl) - freeradius 0.1+20010527-1 (embed) @@ -1548,7 +1549,7 @@ - graphicsmagick 1.3.5-6 (embed) - graphviz 2.8-3 (embed) NOTE: The etch version of graphviz was the earliest version checked, might be fixed earlier - - guile-1.6 <unfixed> (embed) + - guile-1.6 1.6.8-7 (embed) - hamlib <unfixed> (embed) - hercules <unfixed> (embed) - jags 1.0.4-3 (embed; bug #560864)