[Secure-testing-commits] r5872 - in data: CVE DSA

jmm-guest Thu, 17 May 2007 12:34:30 -0700

Author: jmm-guest
Date: 2007-05-17 19:31:16 +0000 (Thu, 17 May 2007)
New Revision: 5872


Modified:
   data/CVE/list
   data/DSA/list
Log:
quagga DSA
libpng crasher not treated as a security problem


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-05-17 19:10:43 UTC (rev 5871)
+++ data/CVE/list       2007-05-17 19:31:16 UTC (rev 5872)
@@ -569,8 +569,9 @@
        - samba 3.0.25-1 (high)
 CVE-2007-2445 [libpng tRNS Chunk Denial of Service]
        RESERVED
-       - libpng 1.2.15~beta5-2
-       - libpng3 <unfixed>
+       - libpng 1.2.15~beta5-2 (unimportant)
+       - libpng3 <unfixed> (unimportant)
+       NOTE: Only a crash, no code injection. Calling this DoS stretches 
things rather far
 CVE-2007-2444 (Logic error in the SID/Name translation functionality in smbd 
in Samba ...)
        {DSA-1291-2}
        - samba 3.0.25-1

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2007-05-17 19:10:43 UTC (rev 5871)
+++ data/DSA/list       2007-05-17 19:31:16 UTC (rev 5872)
@@ -1,3 +1,7 @@
+[17 May 2007] DSA-1293-1 quagga
+       {CVE-2007-1995}
+       [sarge] - 0.98.3-7.4
+       [etch] - 0.99.5-5etch2
 [15 May 2007] DSA-1292-1 qt4-x11
        {CVE-2007-0242}
        [etch] - qt4-x11 4.2.1-2etch1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r5872 - in data: CVE DSA

Reply via email to