[Secure-testing-commits] r5908 - in data: CVE DSA

jmm-guest Wed, 23 May 2007 14:29:13 -0700

Author: jmm-guest
Date: 2007-05-23 21:29:09 +0000 (Wed, 23 May 2007)
New Revision: 5908


Modified:
   data/CVE/list
   data/DSA/list
Log:
- CVE-2007-1583 was fixed in DSA-1282
- madwifi non-free -> no-dsa
- no-dsa for minor gnupg issue
- correctly assign CVE-2007-1001 libgd2, our php5 links dynamically


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-05-23 21:07:52 UTC (rev 5907)
+++ data/CVE/list       2007-05-23 21:29:09 UTC (rev 5908)
@@ -1,5 +1,6 @@
 CVE-2007-XXXX [MadWifi several DoS, one of them remote]
        - madwifi 1:0.9.3-2
+       [etch] - madwifi <no-dsa> (Non-free not supported)
 CVE-2007-XXXX [mantis multiple issues fixed in 1.0.7]
        - mantis 1.0.7+dfsg-1
        NOTE: "email notifications bypass security on custom fields" and "XSS 
vulnerabilities"
@@ -3608,6 +3609,8 @@
        - gnupg 1.4.6-2 (bug #413922; low)
        - gpgme1.0 1.1.2-3 (bug #414170; low)
        - gnupg2 2.0.3-1
+       [sarge] - gnupg2 <no-dsa> (Minor issue)
+       [etch] - gnupg2 <no-dsa> (Minor issue)
 CVE-2007-1262 (Multiple cross-site scripting (XSS) vulnerabilities in the HTML 
filter ...)
        {DSA-1290-1}
        - squirrelmail 2:1.4.10a-1
@@ -4384,7 +4387,9 @@
        - evolution <unfixed>
        [sarge] - evolution <not-affected> (Vulnerable code not present)
 CVE-2007-1001 (Multiple integer overflows in the (1) createwbmp and (2) 
readwbmp ...)
-       - php5 <unfixed> (medium)
+       - libgd2 <unfixed> (medium)
+       NOTE: Although reported initially for PHP5, this needs to be fixed in 
gd2, our
+       NOTE: PHP5 links dynamically
 CVE-2007-1000 (The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c 
in the ...)
        - linux-2.6 2.6.18.dfsg.1-12 (medium)
 CVE-2007-0999 (Format string vulnerability in Ekiga 2.0.3, and probably other 
...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2007-05-23 21:07:52 UTC (rev 5907)
+++ data/DSA/list       2007-05-23 21:29:09 UTC (rev 5908)
@@ -42,7 +42,7 @@
        {CVE-2007-1286 CVE-2007-1375 CVE-2007-1376 CVE-2007-1380 CVE-2007-1453 
CVE-2007-1454 CVE-2007-1521 CVE-2007-1583 CVE-2007-1700 CVE-2007-1711 
CVE-2007-1718 CVE-2007-1777 CVE-2007-1824 CVE-2007-1887 CVE-2007-1889 
CVE-2007-1900 CVE-2007-1522}
        [etch] - php5 5.2.0-8+etch3
 [26 Apr 2007] DSA-1282-1 php4
-       {CVE-2007-1286 CVE-2007-1380 CVE-2007-1521 CVE-2007-1711 CVE-2007-1718 
CVE-2007-1777}
+       {CVE-2007-1286 CVE-2007-1380 CVE-2007-1521 CVE-2007-1583 CVE-2007-1711 
CVE-2007-1718 CVE-2007-1777}
        [sarge] - php4 4:4.3.10-20
        [etch] - php4 6:4.4.4-8+etch2
 [25 Apr 2007] DSA-1281-1 clamav - several vulnerabilities


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r5908 - in data: CVE DSA

Reply via email to