In preparation of some refactoring work I'm doing on the tracker code,
I've removed conflicting data from it. (The new checker is more
strict.)
The largest part of the diff concerns <no-dsa> annotations for Sun
Java (due to its non-freeness). The other larger set of discrepancies
is related to cups/cupsys and the move from internal xpdf code to an
external dependency.
I tried to resolve the remaining ambiguities as best as I could, and I
reproduce them below for comments.
CVE-2008-5031 (Multiple integer overflows in Python 2.2.3 through 2.5.1, and
2.6, ...)
- python2.5 2.5.2-11.1
[etch] - python2.5 <no-dsa> (Minor issue)
- - python2.4 2.4.6-1 (bug #507317)
[etch] - python2.4 <no-dsa> (Minor issue)
- - python2.4 2.4.5-6 (low; bug #504620)
+ - python2.4 2.4.5-6 (low; bug #507317; bug #504620)
NOTE: definitely fixed in 2.5.2-11.1 for lenny/unstable
(svn-updates.dpatch)
NOTE: maybe fixed earlier, doko is not able to tell the exact
version atm
CVE-2007-2583 (The in_decimal::set function in item_cmpfunc.cc in MySQL before
...)
{DSA-1413-1}
- mysql-dfsg-5.0 5.0.41-1 (low; bug #426353)
[sarge] - mysql-dfsg <not-affected> (Vulnerable functionality
not implemented)
- [sarge] - mysql-dfsg <not-affected> (Not affected, test case
doesn't crash the daemon)
+ NOTE: [sarge] Not affected, test case doesn't crash the daemon
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
