Author: kees
Date: 2010-03-06 19:52:48 +0000 (Sat, 06 Mar 2010)
New Revision: 14197
Modified:
data/CVE/list
Log:
mark 2007 java CVEs as closed in openjdk-6, tied to first version they were
fixed in
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-03-06 18:19:18 UTC (rev 14196)
+++ data/CVE/list 2010-03-06 19:52:48 UTC (rev 14197)
@@ -34509,7 +34509,7 @@
- sun-java6 6-03-1 (medium)
- sun-java5 1.5.0-13-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-5688 (Multiple SQL injection vulnerabilities in directory.php in the
...)
NOT-FOR-US: Multi Host Forum Pro
CVE-2007-5687 (Multiple buffer overflows in the rich text processing
functionality in ...)
@@ -35900,7 +35900,7 @@
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-5374 (cp_memberedit.php in LightBlog 8.4.1.1 does not check for ...)
NOT-FOR-US: LightBlog
CVE-2007-5373 (ldapscripts 1.4 and 1.7 sends a password as a command line
argument ...)
@@ -36145,12 +36145,12 @@
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-5273 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and
...)
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-5272 (SQL injection vulnerability in kategori.asp in Furkan Tastan
Blog ...)
NOT-FOR-US: Furkan Tastan Blog
CVE-2007-5271 (Multiple PHP remote file inclusion vulnerabilities in Trionic
Cite CMS ...)
@@ -36269,23 +36269,23 @@
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-5239 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK
and JRE ...)
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-5238 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK
and JRE ...)
- sun-java6 6-03-1 (unimportant)
- sun-java5 1.5.0-13-1 (unimportant)
[etch] - sun-java5 1.5.0-14-1etch1
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
NOTE: Leaked information hardly sensitive
CVE-2007-5237 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does
not ...)
- sun-java6 6-03-1 (medium)
- sun-java5 1.5.0-13-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-5236 (Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and
SDK ...)
- sun-java6 <not-affected> (Windows only)
- sun-java5 <not-affected> (Windows only)
@@ -36300,7 +36300,7 @@
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-5231 (Unrestricted file upload vulnerability in admin/upload_files.php
in ...)
NOT-FOR-US: Zomplog
CVE-2007-5230 (admin/upload_files.php in Zomplog 3.8.1 and earlier does not
check for ...)
@@ -39512,7 +39512,7 @@
- sun-java5 1.5.0-12-2
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-02-1
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-3921 (gforge 3.1 and 4.5.14 allows local users to truncate arbitrary
files ...)
{DSA-1402-1}
- gforge 4.6.99+svn6169-1
@@ -40046,7 +40046,7 @@
NOT-FOR-US: Sun Solaris
CVE-2007-3716 (The Java XML Digital Signature implementation in Sun JDK and JRE
6 ...)
- sun-java6 6-02-1 (medium)
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-3715 (Sun Java System Application Server and Web Server 7.0 through
9.0 ...)
NOT-FOR-US: Sun Java System Application Server and Web Server
CVE-2007-3714 (Directory traversal vulnerability in Ada Image Server (ImgSvr)
0.6.5 ...)
@@ -40087,7 +40087,7 @@
- sun-java5 1.5.0-12-1
- sun-java6 6-02-1
[etch] - sun-java5 1.5.0-14-1etch1
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-3697 (PHP remote file inclusion vulnerability in phpbb/sendmsg.php in
...)
NOT-FOR-US: FlashBB
CVE-2007-3696 (CA ERwin Data Model Validator (formerly AllFusion Data Model
...)
@@ -40564,7 +40564,7 @@
- sun-java5 1.5.0-12-1
[etch] - sun-java6 <no-dsa> (non-free)
- sun-java6 6-01-1 (bug #432006)
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-3502 (Unspecified vulnerability in the web-based product configuration
...)
NOT-FOR-US: Kaspersky Anti-Spam
CVE-2007-3501 (Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in
...)
@@ -42344,12 +42344,12 @@
- sun-java5 1.5.0-11-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-01-1 (bug #422403)
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-2788 (Integer overflow in the embedded ICC profile image parser in Sun
Java ...)
- sun-java5 1.5.0-11-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-01-1 (bug #422403)
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b08-1 (bug #566766)
CVE-2007-2787 (Stack-based buffer overflow in the BrowseDir function in the (1)
...)
NOT-FOR-US: LeadTools Raster Thumbnail Object Library
CVE-2007-2786 (Ratbox IRC Daemon (aka ircd-ratbox) 2.2.5 and earlier allows
remote ...)
@@ -59818,7 +59818,7 @@
- sun-java5 1.5.0-10-1 (bug #384734)
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
- - openjdk-6 <undetermined> (bug #566766)
+ - openjdk-6 6b14-1.5~pre1-3 (bug #566766)
CVE-2006-2425 (Multiple cross-site scripting (XSS) vulnerabilities in PRV.php
in ...)
NOT-FOR-US: phpRemoteView
CVE-2006-2424 (PHP remote file inclusion vulnerability in ezUserManager 1.6 and
...)