Author: stef-guest
Date: 2007-07-21 06:38:49 +0000 (Sat, 21 Jul 2007)
New Revision: 6156

Modified:
   data/CVE/list
Log:
add bugnums, fixed: owl-dms, flac123 

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-07-19 17:01:57 UTC (rev 6155)
+++ data/CVE/list       2007-07-21 06:38:49 UTC (rev 6156)
@@ -783,7 +783,7 @@
        - glibc 2.6-2 (unimportant; bug #431858)
        NOTE: Not security-relevant
 CVE-2007-3507 (Stack-based buffer overflow in the local__vcentry_parse_value 
function ...)
-       - flac123 <unfixed> (medium; bug #432008)
+       - flac123 0.0.11-1 (medium; bug #432008)
 CVE-2007-3506 (The ft_bitmap_assure_buffer function in src/base/ftbimap.c in 
FreeType ...)
        - freetype 2.3.4 (bug #432013)
        [sarge] - freetype <not-affected> (Vulnerable code introduced in 2.3.x)
@@ -1462,7 +1462,7 @@
        [etch] - flyspray <not-affected> (Vulnerable code not)
        [sarge] - flyspray <not-affected> (Vulnerable code not included)
        - moodle <not-affected> (Doesn't affect moodle per maintainer)
-       - owl-dms <unfixed> (bug #429197)
+       - owl-dms 0.94-2 (bug #429197)
        - knowledgeroot 0.9.8.2-2 (bug #429196)
        [etch] - knowledgeroot <not-affected> (Vulnerable code not used)
        - ipplan 4.85-2 (bug #429193)
@@ -4557,7 +4557,7 @@
        {DSA-1312-1}
        - libapache-mod-jk 1:1.2.23-1 (bug #425836)
 CVE-2007-1859 (XScreenSaver 4.10, when using a remote directory service for 
...)
-       - xscreensaver <unfixed> (low)
+       - xscreensaver <unfixed> (low; bug #433964)
 CVE-2007-1858 (The default SSL cipher configuration in Apache Tomcat 4.1.28 
through ...)
        NOTE: insecure ciphers should not be (and usually are not) enabled in 
browsers
        [sarge] - tomcat4 <no-dsa> (low)
@@ -5499,7 +5499,7 @@
 CVE-2007-1474 (Argument injection vulnerability in the cleanup cron script in 
Horde ...)
        - horde3 3.1.3-4 (medium)
 CVE-2007-1473 (Cross-site scripting (XSS) vulnerability in 
framework/NLS/NLS.php in ...)
-       - horde3 <unfixed> (low)
+       - horde3 <unfixed> (low; bug #434045)
 CVE-2007-1472 (Variable overwrite vulnerability in 
groupit/base/groupit.start.inc in ...)
        NOT-FOR-US: Groupit
 CVE-2007-1471 (admin/default.asp in Orion-Blog 2.0 allows remote attackers to 
bypass ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to