[Secure-testing-commits] r6150 - data/CVE

jmm-guest Wed, 18 Jul 2007 15:01:06 -0700

Author: jmm-guest
Date: 2007-07-18 22:01:03 +0000 (Wed, 18 Jul 2007)
New Revision: 6150


Modified:
   data/CVE/list
Log:
silc doesn't affect etch
no-dsas for minor browser issues
mutt no-dsa, might come through s-p-u


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-07-18 21:56:57 UTC (rev 6149)
+++ data/CVE/list       2007-07-18 22:01:03 UTC (rev 6150)
@@ -543,6 +543,7 @@
        TODO: check
 CVE-2007-XXXX [silc-toolkit several buffer overflows]
        - silc-toolkit 1.1.2-1
+       [etch] - silc-toolkit <not-affected> (Only the 1.1.x branch is affected)
        NOTE: http://silcnet.org/docs/changelog/SILC Toolkit 1.1.2
 CVE-2007-XXXX [silc-client several buffer overflows]
        - silc-client 1.1.2-1
@@ -858,8 +859,10 @@
        NOT-FOR-US: Lhaca
 CVE-2007-3374 (Buffer overflow in cluster/cman/daemon/daemon.c in cman ...)
        - redhat-cluster <unfixed> (medium)
+       TODO: File bug
 CVE-2007-3373 (daemon.c in cman (redhat-cluster-suite) before 20070622 does 
not clear ...)
        - redhat-cluster <unfixed> (low)
+       TODO: File bug
 CVE-2006-7209 (Multiple cross-site scripting (XSS) vulnerabilities in 
phpTrafficA ...)
        NOT-FOR-US: phpTrafficA
 CVE-2006-7208 (PHP remote file inclusion vulnerability in download.php in the 
Adam ...)
@@ -1397,15 +1400,21 @@
        NOT-FOR-US: Zen Help Desk
 CVE-2007-3145 (Visual truncation vulnerability in Galeon 2.0.1 allows remote 
...)
        - galeon <unfixed> (low; bug #429216)
+       [sarge] - galeon <no-dsa> (Minor issue)
+       [etch] - galeon <no-dsa> (Minor issue)
 CVE-2007-3144 (Visual truncation vulnerability in Mozilla 1.7.12 allows remote 
...)
        - iceweasel <unfixed> (low)
        [etch] - iceweasel <no-dsa> (Minor issue)
        - iceape <unfixed> (low)
+       [etch] - iceape <no-dsa> (Minor issue)
        - firefox <removed> (low)
        - mozilla <removed> (low)
        - xulrunner <unfixed> (low)
+       [etch] - xulrunner <no-dsa> (Minor issue)
 CVE-2007-3143 (Visual truncation vulnerability in Konqueror 3.5.5 allows 
remote ...)
        - kdebase <unfixed> (low)
+       [sarge] - kdebase <no-dsa> (Minor issue)
+       [etch] - kdebase <no-dsa> (Minor issue)
 CVE-2007-3142 (Visual truncation vulnerability in Opera 9.21 allows remote 
attackers ...)
        NOT-FOR-US: Opera
 CVE-2007-3141 (PHP remote file inclusion vulnerability in core/editor.php in 
...)
@@ -2484,6 +2493,8 @@
        NOT-FOR-US: Jetbox CMS
 CVE-2007-2683 (Buffer overflow in Mutt 1.4.2 might allow local users to 
execute ...)
        - mutt 1.5.15+20070608-1 (low; bug #426116)
+       [etch] - mutt <no-dsa> (Minor issue, hardly exploitable)
+       [sarge] - mutt <no-dsa> (Minor issue, hardly exploitable)
 CVE-2007-2682 (The installer for Adobe Version Cue CS3 Server on Apple Mac OS 
X, as ...)
        NOT-FOR-US: Adobe
 CVE-2007-2681 (Directory traversal vulnerability in blogs/index.php in 
b2evolution ...)
@@ -4740,7 +4751,7 @@
 CVE-2007-1694
        RESERVED
 CVE-2007-1693 (The SIP channel module in Yet Another Telephony Engine (Yate) 
before ...)
-       - yate 1.2.0-1.dfsg-1 (medium; bug #421994)
+       - yate 1.2.0-1.dfsg-1 (low; bug #421994)
 CVE-2007-1692 (The default configuration of Microsoft Windows uses the Web 
Proxy ...)
        NOT-FOR-US: Microsoft
 CVE-2007-1691 (Stack-based buffer overflow in Second Sight Software ActiveMod 
ActiveX ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r6150 - data/CVE

Reply via email to