Author: gilbert-guest Date: 2009-12-29 16:04:45 +0000 (Tue, 29 Dec 2009) New Revision: 13672 Modified: data/CVE/list data/embedded-code-copies Log: some removed packages Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-12-29 05:50:43 UTC (rev 13671) +++ data/CVE/list 2009-12-29 16:04:45 UTC (rev 13672) @@ -2566,6 +2566,7 @@ CVE-2009-3560 (The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, ...) {DSA-1953-1} - expat 2.0.1-6 (low; bug #560901) + TODO: reissue DSA due to regression in perl xml parser. see http://mail.libexpat.org/pipermail/expat-discuss/2009-December/002644.html (new patch not yet available). - w3c-libwww <removed> [etch] - w3c-libwww <no-dsa> (Minor issue, only used by fringe apps) - python-xml <removed> (low; bug #560951) @@ -3674,9 +3675,9 @@ - mediatomb <unfixed> (low; bug #555232) [lenny] - mediatomb <no-dsa> (minor issue) - op-panel 0.30~dfsg-1 (low; bug #555234) - - ebug-http <unfixed> (low; bug #555235) + - ebug-http <removed> (low; bug #555235) [lenny] - ebug-http <no-dsa> (Minor issue) - - poker-network <unfixed> (low; bug #555237) + - poker-network <removed> (low; bug #555237) [etch] - poker-network <no-dsa> (minor issue) - webhelpers 0.3.4-2 (low; bug #555239) - qwik <unfixed> (low; bug #555240) @@ -40522,9 +40523,9 @@ TODO: [etch] - mt-daapd 0.2.4+r1376-1.1+etch3 - mediatomb 0.11.0-3 (low; bug #555232) - op-panel 0.30~dfsg-1 (low; bug #555234) - - ebug-http <unfixed> (low; bug #555235) + - ebug-http <removed> (low; bug #555235) [lenny] - ebug-http <no-dsa> (Minor issue) - - poker-network <unfixed> (low; bug #555237) + - poker-network <removed> (low; bug #555237) [etch] - poker-network <no-dsa> (minor issue) - webhelpers <not-affected> (fixed since initial inclusion) - qwik <unfixed> (low; bug #555240) Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2009-12-29 05:50:43 UTC (rev 13671) +++ data/embedded-code-copies 2009-12-29 16:04:45 UTC (rev 13672) @@ -714,10 +714,10 @@ - knowledgeroot <unfixed> (embed; bug #555230) - mediatomb <unfixed> (embed; bug #555233) - mt-daapd 0.9~r1696.dfsg-6lenny2 (embed) - - ebug-http <unfixed> (embed; bug #555236) + - ebug-http <removed> (embed; bug #555236) - libaws 2.7-1 (embed; bug #555222) - phpgedview <removed> (embed) - - poker-network <unfixed> (embed; bug #555238) + - poker-network <removed> (embed; bug #555238) - rails 2.1.0-6 (embed) - wordpress 2.5.0-2 (embed; bug #555243) - zope <not-affected> (the prototypejs embed is not in any of the obvious zope packages, e.g. zope2.9, zope2.10, zope2.11, and zope3) @@ -1054,7 +1054,7 @@ NOTE: likely fixed earlier, marking etch''s version as fixed linux-2.6 - - kvm <unfixed> (embed; bug #549973) [./kernel/*] + - kvm <removed> (embed; bug #549973) [./kernel/*] - linux-kbuild-2.6 <unfixed> (embed; bug #550379) [./kbuild/*] - kernel-source-2.6.8 <removed> (old-version) - kernel-source-2.4.27 <removed> (old-version) @@ -1063,7 +1063,8 @@ - kernel-source-2.2.20 <removed> (old-version) libfdt (not yet packaged separately for debian; http://www.jdl.com/software/) - - kvm <unfixed> (embed) [./libfdt/*] + - kvm <removed> (embed) [./libfdt/*] + - qemu-kvm <unfixed> (embed) [./libfdt/*] qweb (not packaged) - ajaxterm <unfixed>