Author: gilbert-guest Date: 2010-01-25 01:42:55 +0000 (Mon, 25 Jan 2010) New Revision: 13909 Modified: data/CVE/list Log: pass on openjdk issues to the maintainer and mark as undetermined (cleans up the todo list quite a bit) Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-01-25 01:35:41 UTC (rev 13908) +++ data/CVE/list 2010-01-25 01:42:55 UTC (rev 13909) @@ -3149,7 +3149,6 @@ - pinball 0.3.1-11 (low; bug #559825) [lenny] - pinball <no-dsa> (Minor issue) [etch] - pinball <no-dsa> (Minor issue) - TODO: insufficient solution: only added depends libltdl-dev? - redland 1.0.10-1 (low; bug #559826) [etch] - redland <not-affected> (Versions prior to 1.0.9 don''t use libtool/libltdl) [lenny] - redland <not-affected> (Versions prior to 1.0.9 don''t use libtool/libltdl) @@ -6914,14 +6913,14 @@ [lenny] - sun-java5 <no-dsa> (Non-free not supported) - sun-java6 6-15-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-2675 (Integer overflow in the unpack200 utility in Sun Java Runtime ...) - sun-java5 1.5.0-20-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) [lenny] - sun-java5 <no-dsa> (Non-free not supported) - sun-java6 6-15-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-2674 (Integer overflow in javaws.exe in Sun Java Web Start in Sun Java ...) - sun-java5 1.5.0-20-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) @@ -11865,42 +11864,42 @@ - sun-java5 1.5.0-18-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) [lenny] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1106 (The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime ...) - sun-java6 6-13-1 (bug #521414) [lenny] - sun-java6 <no-dsa> (Non-free not supported) - sun-java5 1.5.0-18-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) [lenny] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1105 (The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime ...) - sun-java6 6-13-1 (bug #521414) [lenny] - sun-java6 <no-dsa> (Non-free not supported) - sun-java5 1.5.0-18-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) [lenny] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1104 (The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime ...) - sun-java6 6-13-1 (bug #521414) [lenny] - sun-java6 <no-dsa> (Non-free not supported) - sun-java5 1.5.0-18-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) [lenny] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1103 (Unspecified vulnerability in the Java Plug-in in Java SE Development ...) - sun-java6 6-13-1 (bug #521414) [lenny] - sun-java6 <no-dsa> (Non-free not supported) - sun-java5 1.5.0-18-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) [lenny] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1102 (Unspecified vulnerability in the Virtual Machine in Java SE ...) - sun-java6 6-13-1 (bug #521414) [lenny] - sun-java6 <no-dsa> (Non-free not supported) - sun-java5 1.5.0-18-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) [lenny] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1101 (Unspecified vulnerability in the lightweight HTTP server ...) {DSA-1769-1} - sun-java6 6-13-1 (bug #521414) @@ -11908,24 +11907,24 @@ - sun-java5 1.5.0-18-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) [lenny] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1100 (Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) ...) - sun-java6 6-13-1 (bug #521414) [lenny] - sun-java6 <no-dsa> (Non-free not supported) CVE-2009-1099 (Integer signedness error in Java SE Development Kit (JDK) and Java ...) - sun-java6 6-13-1 (bug #521414) [lenny] - sun-java6 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1098 (Buffer overflow in Java SE Development Kit (JDK) and Java Runtime ...) {DSA-1769-1} - sun-java6 6-13-1 (bug #521414) [lenny] - sun-java6 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1097 (Multiple buffer overflows in Java SE Development Kit (JDK) and Java ...) {DSA-1769-1} - sun-java6 6-13-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1096 (Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java ...) {DSA-1769-1} - sun-java6 6-13-1 (bug #521414) @@ -11933,7 +11932,7 @@ - sun-java5 1.5.0-18-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) [lenny] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1095 (Integer overflow in unpack200 in Java SE Development Kit (JDK) and ...) {DSA-1769-1} - sun-java6 6-13-1 (bug #521414) @@ -11941,7 +11940,7 @@ - sun-java5 1.5.0-18-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) [lenny] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1094 (Unspecified vulnerability in the LDAP implementation in Java SE ...) {DSA-1769-1} - sun-java6 6-13-1 (bug #521414) @@ -11949,12 +11948,12 @@ - sun-java5 1.5.0-18-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) [lenny] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1093 (LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java ...) {DSA-1769-1} - sun-java6 6-13-1 (bug #521414) [lenny] - sun-java6 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566769) CVE-2009-1962 (Xfig in Debian GNU/Linux, possibly 3.2.5, allows local users to read ...) - xfig 1:3.2.5.a-1 [etch] - xfig <no-dsa> (Minor issue) @@ -22853,66 +22852,66 @@ - sun-java5 1.5.0-16-1 (bug #490260) [etch] - sun-java5 <no-dsa> (Non-free not supported) - sun-java6 6-07-1 (bug #490260) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3114 (Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 ...) - sun-java5 1.5.0-16-1 (bug #490260) [etch] - sun-java5 <no-dsa> (Non-free not supported) - sun-java6 6-07-1 (bug #490260) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3113 (Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 ...) - sun-java5 1.5.0-16-1 (bug #490260) [etch] - sun-java5 <no-dsa> (Non-free not supported) - sun-java6 <not-affected> (Only for sun-java5) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3112 (Directory traversal vulnerability in Sun Java Web Start in JDK and JRE ...) - sun-java5 1.5.0-16-1 (bug #490260) [etch] - sun-java5 <no-dsa> (Non-free not supported) - sun-java6 6-07-1 (bug #490260) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3111 (Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 ...) - sun-java5 1.5.0-16-1 (bug #490260) [etch] - sun-java5 <no-dsa> (Non-free not supported) - sun-java6 6-04-1 (bug #490260) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3110 (Unspecified vulnerability in scripting language support in Sun Java ...) - sun-java5 <not-affected> (Only for sun-java6) [etch] - sun-java5 <no-dsa> (Non-free not supported) - sun-java6 6-07-1 (bug #490260) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3109 (Unspecified vulnerability in scripting language support in Sun Java ...) - sun-java5 <not-affected> (Only for sun-java6) [etch] - sun-java5 <no-dsa> (Non-free not supported) - sun-java6 6-07-1 (bug #490260) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3108 (Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE ...) - sun-java5 1.5.0-10-1 (bug #490260) [etch] - sun-java5 <no-dsa> (Non-free not supported) - sun-java6 <not-affected> (Only for sun-java5) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3107 (Unspecified vulnerability in the Virtual Machine in Sun Java Runtime ...) - sun-java5 1.5.0-16-1 (bug #490260) [etch] - sun-java5 <no-dsa> (Non-free not supported) - sun-java6 6-07-1 (bug #490260) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3106 (Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK ...) - sun-java5 1.5.0-16-1 (bug #490260) [etch] - sun-java5 <no-dsa> (Non-free not supported) - sun-java6 6-07-1 (bug #490260) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3105 (Unspecified vulnerability in the JAX-WS client and service in Sun Java ...) - sun-java5 <not-affected> (Only for sun-java6) - sun-java6 6-07-1 (bug #490260) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3104 (Multiple unspecified vulnerabilities in Sun Java Runtime Environment ...) [etch] - sun-java5 <no-dsa> (Non-free not supported) - sun-java5 1.5.0-16-1 (bug #490260) - sun-java6 6-07-1 (bug #490260) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3103 (Unspecified vulnerability in the Java Management Extensions (JMX) ...) [etch] - sun-java5 <no-dsa> (Non-free not supported) - sun-java5 1.5.0-16-1 (bug #490260) - sun-java6 6-07-1 (bug #490260) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-3102 (Mantis 1.1.x through 1.1.2 and 1.2.x through 1.2.0a2 does not set the ...) - mantis 1.1.2+dfsg-6 (low; bug #501179) CVE-2008-3101 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM ...) @@ -27409,61 +27408,61 @@ - sun-java6 6-05-1 (medium) - sun-java5 1.5.0-15-1 (medium) [etch] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-1195 (Unspecified vulnerability in Sun JDK and Java Runtime Environment ...) - sun-java6 6-05-1 (low) - sun-java5 1.5.0-15-1 (low) [etch] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-1194 (Multiple unspecified vulnerabilities in the color management library ...) - sun-java6 6-05-1 (unimportant) - sun-java5 1.5.0-15-1 (unimportant) [etch] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-1193 (Unspecified vulnerability in Java Runtime Environment Image Parsing ...) - sun-java6 6-05-1 (low) - sun-java5 1.5.0-15-1 (low) [etch] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-1192 (Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 ...) - sun-java6 6-05-1 (medium) - sun-java5 1.5.0-15-1 (medium) [etch] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-1191 (Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 ...) - sun-java6 6-05-1 (medium) - sun-java5 1.5.0-15-1 (medium) [etch] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-1190 (Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 ...) - sun-java6 6-05-1 (medium) - sun-java5 <not-affected> (No more information by sun) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-1189 (Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and ...) - sun-java6 6-05-1 (medium) - sun-java5 1.5.0-15-1 (medium) [etch] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-1188 (Multiple buffer overflows in the useEncodingDecl function in Java Web ...) - sun-java6 6-05-1 (medium) - sun-java5 1.5.0-15-1 (medium) [etch] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-1187 (Unspecified vulnerability in Sun Java Runtime Environment (JRE) and ...) - sun-java6 6-05-1 (low) - sun-java5 1.5.0-15-1 (low) [etch] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-1186 (Unspecified vulnerability in the Virtual Machine for Sun Java Runtime ...) - sun-java6 6-05-1 - sun-java5 1.5.0-15-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-1185 (Unspecified vulnerability in the Virtual Machine for Sun Java Runtime ...) - sun-java6 6-05-1 - sun-java5 1.5.0-15-1 [etch] - sun-java5 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-1184 (The DNSSEC validation library (libval) library in dnssec-tools before ...) - dnssec-tools <not-affected> (first version in Debian was 1.4.1) CVE-2008-1183 (Multiple cross-site scripting (XSS) vulnerabilities in Crafty Syntax ...) @@ -28678,7 +28677,7 @@ - sun-java6 6-02-1 - sun-java5 1.5.0-14-1 [etch] - sun-java5 1.5.0-14-1etch1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-0656 (Unrestricted file upload vulnerability in dmclTrace.jsp in EMC ...) NOT-FOR-US: Documentum Administrator and Webtop CVE-2008-0655 (Multiple unspecified vulnerabilities in Adobe Reader and Acrobat ...) @@ -28747,7 +28746,7 @@ CVE-2008-0628 (The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 ...) - sun-java6 6-04-1 - sun-java5 <not-affected> (referring to sun this vulnerability is not present in java5) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566770) CVE-2008-0627 REJECTED CVE-2008-0626 @@ -32898,7 +32897,7 @@ - sun-java6 6-03-1 (medium) - sun-java5 1.5.0-13-1 (medium) [etch] - sun-java5 1.5.0-14-1etch1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-5688 (Multiple SQL injection vulnerabilities in directory.php in the ...) NOT-FOR-US: Multi Host Forum Pro CVE-2007-5687 (Multiple buffer overflows in the rich text processing functionality in ...) @@ -34288,7 +34287,7 @@ - sun-java6 6-03-1 (low) - sun-java5 1.5.0-13-1 (low) [etch] - sun-java5 1.5.0-14-1etch1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-5374 (cp_memberedit.php in LightBlog 8.4.1.1 does not check for ...) NOT-FOR-US: LightBlog CVE-2007-5373 (ldapscripts 1.4 and 1.7 sends a password as a command line argument ...) @@ -34533,12 +34532,12 @@ - sun-java6 6-03-1 (low) - sun-java5 1.5.0-13-1 (low) [etch] - sun-java5 1.5.0-14-1etch1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-5273 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and ...) - sun-java6 6-03-1 (low) - sun-java5 1.5.0-13-1 (low) [etch] - sun-java5 1.5.0-14-1etch1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-5272 (SQL injection vulnerability in kategori.asp in Furkan Tastan Blog ...) NOT-FOR-US: Furkan Tastan Blog CVE-2007-5271 (Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS ...) @@ -34657,23 +34656,23 @@ - sun-java6 6-03-1 (low) - sun-java5 1.5.0-13-1 (low) [etch] - sun-java5 1.5.0-14-1etch1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-5239 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE ...) - sun-java6 6-03-1 (low) - sun-java5 1.5.0-13-1 (low) [etch] - sun-java5 1.5.0-14-1etch1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-5238 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE ...) - sun-java6 6-03-1 (unimportant) - sun-java5 1.5.0-13-1 (unimportant) [etch] - sun-java5 1.5.0-14-1etch1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) NOTE: Leaked information hardly sensitive CVE-2007-5237 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not ...) - sun-java6 6-03-1 (medium) - sun-java5 1.5.0-13-1 (medium) [etch] - sun-java5 1.5.0-14-1etch1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-5236 (Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK ...) - sun-java6 <not-affected> (Windows only) - sun-java5 <not-affected> (Windows only) @@ -34688,7 +34687,7 @@ - sun-java6 6-03-1 (low) - sun-java5 1.5.0-13-1 (low) [etch] - sun-java5 1.5.0-14-1etch1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-5231 (Unrestricted file upload vulnerability in admin/upload_files.php in ...) NOT-FOR-US: Zomplog CVE-2007-5230 (admin/upload_files.php in Zomplog 3.8.1 and earlier does not check for ...) @@ -37901,7 +37900,7 @@ - sun-java5 1.5.0-12-2 [etch] - sun-java5 1.5.0-14-1etch1 - sun-java6 6-02-1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-3921 (gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files ...) {DSA-1402-1} - gforge 4.6.99+svn6169-1 @@ -38435,7 +38434,7 @@ NOT-FOR-US: Sun Solaris CVE-2007-3716 (The Java XML Digital Signature implementation in Sun JDK and JRE 6 ...) - sun-java6 6-02-1 (medium) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-3715 (Sun Java System Application Server and Web Server 7.0 through 9.0 ...) NOT-FOR-US: Sun Java System Application Server and Web Server CVE-2007-3714 (Directory traversal vulnerability in Ada Image Server (ImgSvr) 0.6.5 ...) @@ -38476,7 +38475,7 @@ - sun-java5 1.5.0-12-1 - sun-java6 6-02-1 [etch] - sun-java5 1.5.0-14-1etch1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-3697 (PHP remote file inclusion vulnerability in phpbb/sendmsg.php in ...) NOT-FOR-US: FlashBB CVE-2007-3696 (CA ERwin Data Model Validator (formerly AllFusion Data Model ...) @@ -38573,7 +38572,7 @@ - sun-java5 1.5.0-12-1 [etch] - sun-java5 1.5.0-14-1etch1 - sun-java6 6-02-1 - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-3654 (The display driver allocattr functions in NetBSD 3.0 through ...) NOT-FOR-US: NetBSD CVE-2007-3653 (Multiple cross-site scripting (XSS) vulnerabilities in Farsi Script ...) @@ -38953,7 +38952,7 @@ - sun-java5 1.5.0-12-1 [etch] - sun-java6 <no-dsa> (non-free) - sun-java6 6-01-1 (bug #432006) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-3502 (Unspecified vulnerability in the web-based product configuration ...) NOT-FOR-US: Kaspersky Anti-Spam CVE-2007-3501 (Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in ...) @@ -40730,12 +40729,12 @@ - sun-java5 1.5.0-11-1 (medium) [etch] - sun-java5 1.5.0-14-1etch1 - sun-java6 6-01-1 (bug #422403) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-2788 (Integer overflow in the embedded ICC profile image parser in Sun Java ...) - sun-java5 1.5.0-11-1 (medium) [etch] - sun-java5 1.5.0-14-1etch1 - sun-java6 6-01-1 (bug #422403) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2007-2787 (Stack-based buffer overflow in the BrowseDir function in the (1) ...) NOT-FOR-US: LeadTools Raster Thumbnail Object Library CVE-2007-2786 (Ratbox IRC Daemon (aka ircd-ratbox) 2.2.5 and earlier allows remote ...) @@ -58205,7 +58204,7 @@ - sun-java5 1.5.0-10-1 (bug #384734) - sun-java6 6-13-1 (bug #521414) [lenny] - sun-java6 <no-dsa> (Non-free not supported) - TODO: check openjdk + - openjdk-6 <undetermined> (bug #566766) CVE-2006-2425 (Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in ...) NOT-FOR-US: phpRemoteView CVE-2006-2424 (PHP remote file inclusion vulnerability in ezUserManager 1.6 and ...)