Author: keescook-guest
Date: 2007-07-05 15:21:44 +0000 (Thu, 05 Jul 2007)
New Revision: 6097

Modified:
   data/CVE/list
Log:
NFUs: 1; unfixed, fixed, and not-affected: libgd2


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-07-05 12:14:11 UTC (rev 6096)
+++ data/CVE/list       2007-07-05 15:21:44 UTC (rev 6097)
@@ -73,19 +73,26 @@
 CVE-2007-3479 (Stack-based buffer overflow in PCSoft WinDEV 11 (01F110053p) 
allows ...)
        NOT-FOR-US: PCSoft WinDEV
 CVE-2007-3478 (Race condition in gdImageStringFTEx (gdft_draw_bitmap) in 
gdft.c in ...)
-       TODO: check
+       - libgd2 <not-affected>
+       NOTE: this is a crash, and does not seem to be attacker controlled.
 CVE-2007-3477 (The (a) imagearc and (b) imagefilledarc functions in GD 
Graphics ...)
-       TODO: check
+       - libgd2 <unfixed> (low)
+       NOTE: CPU consumption DoS
 CVE-2007-3476 (Array index error in gd_gif_in.c in the GD Graphics Library 
(libgd) ...)
-       TODO: check
+       - libgd2 <unfixed> (low)
+       NOTE: can write a 0 to a 4k window in heap, very unlikely to be 
controllable.
 CVE-2007-3475 (The GD Graphics Library (libgd) before 2.0.35 allows 
user-assisted ...)
-       TODO: check
+       - libgd2 <not-affected>
+       NOTE: out-of-band memory read, does not appear attacker controlled.
 CVE-2007-3474 (Multiple unspecified vulnerabilities in the GIF reader in the 
GD ...)
-       TODO: check
+       - libgd2 <not-affected>
+       NOTE: appears to be prophylactic dup of CVE-2007-3476.
 CVE-2007-3473 (The gdImageCreateXbm function in the GD Graphics Library 
(libgd) ...)
-       TODO: check
+       - libgd2 <not-affected>
+       NOTE: this is only a NULL deref crash (same as CVE-2007-3472)
 CVE-2007-3472 (Integer overflow in gdImageCreateTrueColor function in the GD 
Graphics ...)
-       TODO: check
+       - libgd2 <not-affected>
+       NOTE: this is only a NULL deref crash.
 CVE-2007-3471 (Buffer overflow in the dtsession Common Desktop Environment 
(CDE) ...)
        NOT-FOR-US: Sun Solaris dtsession
 CVE-2007-3470 (Multiple unspecified vulnerabilities in the KSSL kernel module 
in Sun ...)
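Review bot: The <not-affected> entries added for CVE-2007-3478, CVE-2007-3475, CVE-2007-3473 and CVE-2007-3472 record an exploitability judgement ("this is only a NULL deref crash", "does not seem to be attacker controlled") rather than the absence of the affected code, and that is inconsistent with CVE-2007-3477 in the same hunk, where a CPU consumption DoS is tracked as <unfixed> (low). A crash in an image library is also a denial of service for anything that parses untrusted images, so either track these as <unfixed> (low) with the same notes, or have each note say why the packaged code is not affected. Two smaller points: the CVE-2007-3474 note calls it a dup of CVE-2007-3476, yet 3476 is <unfixed> while 3474 is <not-affected>, so the note should say the issue is tracked under CVE-2007-3476; and "out-of-band memory read" in the CVE-2007-3475 note presumably means out-of-bounds.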
@@ -113,7 +120,7 @@
 CVE-2007-3459 (A certain ActiveX control in Avaxswf.dll 1.0.0.1 in Civitech 
Avax ...)
        TODO: check
 CVE-2007-3458 (The libsldap library in Sun Solaris 8, 9, and 10 allows local 
users to ...)
-       TODO: check
+       NOT-FOR-US: Sun Solaris libsldap
 CVE-2007-3457
        RESERVED
 CVE-2007-3456
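Review bot: CVE-2007-3459, the context entry directly above the changed line, is still at "TODO: check" although its description (an ActiveX control in Avaxswf.dll) reads like another NOT-FOR-US candidate; consider triaging it in the same pass so the two adjacent entries are not left in different states. The NOT-FOR-US line for CVE-2007-3458 itself follows the "vendor product" wording used by the other NOT-FOR-US entries in this file.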
@@ -6112,9 +6119,8 @@
        - evolution <unfixed>
        [sarge] - evolution <not-affected> (Vulnerable code not present)
 CVE-2007-1001 (Multiple integer overflows in the (1) createwbmp and (2) 
readwbmp ...)
-       - libgd2 <unfixed> (medium)
-       NOTE: Although reported initially for PHP5, this needs to be fixed in 
gd2, our
-       NOTE: PHP5 links dynamically
+       - libgd2 2.0.33-1 (medium)
+       NOTE: This has been fixed in libgd2 for a while, and php is linked 
against libgd2.
 CVE-2007-1000 (The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c 
in the ...)
        - linux-2.6 2.6.18.dfsg.1-12 (medium)
 CVE-2007-0999 (Format string vulnerability in Ekiga 2.0.3, and probably other 
...)
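Review bot: The new CVE-2007-1001 note, "This has been fixed in libgd2 for a while", gives no evidence for the fixed version 2.0.33-1 recorded on the line above it; cite the changelog entry or patch that carries the createwbmp/readwbmp fix so the version can be checked later. The rewrite also drops two facts from the removed notes: that the issue was initially reported for PHP5, and that PHP5 links dynamically. The second is what justifies having no separate php5 entry, so keep "dynamically" in the new wording.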


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
