Author: white Date: 2010-01-20 14:43:28 +0000 (Wed, 20 Jan 2010) New Revision: 13865 Modified: data/CVE/list Log: gzip issues now public Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-01-20 14:17:26 UTC (rev 13864) +++ data/CVE/list 2010-01-20 14:43:28 UTC (rev 13865) @@ -1503,8 +1503,9 @@ - linux-2.6.24 <removed> CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...) - bash <not-affected> (mandriva-specific packaging issue) -CVE-2010-0001 +CVE-2010-0001 [gzip: integer underflow via LZW compressed gzip archive] RESERVED + - gzip <unfixed> (medium) CVE-2009-4324 (Use-after-free vulnerability in the Doc.media.newPlayer method in ...) NOT-FOR-US: Adobe Reader and Acrobat 8.0 CVE-2009-4323 (The installation for Zen Cart stores sensitive information and ...) @@ -7048,8 +7049,9 @@ [lenny] - sun-java6 <no-dsa> (Non-free not supported) - openjdk-6 6b16-1.6-1 (medium; bug #542210) - libxerces2-java <unfixed> -CVE-2009-2624 +CVE-2009-2624 [gzip: missing input sanitation related to dynamic Huffman codes] RESERVED + - gzip <unfixed> (medium) CVE-2009-2623 RESERVED CVE-2009-2620 (src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before ...)