[Secure-testing-commits] r6190 - data/CVE

jmm-guest Mon, 30 Jul 2007 08:49:32 -0700

Author: jmm-guest
Date: 2007-07-30 15:49:27 +0000 (Mon, 30 Jul 2007)
New Revision: 6190


Modified:
   data/CVE/list
Log:
dokuwiki non-issue
no-dsa for konqueror, jailer, xscreensaver
asterisk CVEfied


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-07-29 10:23:01 UTC (rev 6189)
+++ data/CVE/list       2007-07-30 15:49:27 UTC (rev 6190)
@@ -332,7 +332,8 @@
        - asterisk 1:1.4.9~dfsg-1
        NOTE: ASA-2007-018
 CVE-2007-XXXX [dokuwiki XSS in spellchecker]
-       - dokuwiki 0.0.20070626b-1 (bug #434134)
+       - dokuwiki 0.0.20070626b-1 (unimportant; bug #434134)
+       NOTE: IE browser bug are not treated as security issues in packages 
applications
 CVE-2007-3870 (Multiple unspecified vulnerabilities in the Human Capital 
Management ...)
        TODO: check
 CVE-2007-3869 (Multiple unspecified vulnerabilities in the Customer 
Relationship ...)
@@ -557,6 +558,8 @@
        NOTE: ASA-2007-014
 CVE-2007-XXXX [konqueror data: URL address bar spoofing]
        - kdebase <unfixed> (bug #433072; low)
+       [sarge] - kdebase <no-dsa> (Minor issue)
+       [etch] - kdebase <no-dsa> (Minor issue)
        NOTE: http://marc.info/?l=full-disclosure&m=118437069815691&w=2
 CVE-2007-3761
        RESERVED
@@ -1473,7 +1476,9 @@
        - wireshark 0.99.6pre1-1
        - ethereal <not-affected> (Vulnerable code not present)
 CVE-2007-XXXX [jailer unsave tempfile usage]
-       - jailer 0.4-10 (bug #410548)
+       - jailer 0.4-10 (bug #410548; low)
+       [sarge] - jailer <no-dsa> (Minor issue)
+       [etch] - jailer <no-dsa> (Minor issue)
 CVE-2007-3372 (The Avahi daemon in Avahi before 0.6.20 allows attackers to 
cause a ...)
        - avahi <unfixed> (low)
        [etch] - avahi <no-dsa> (Minor issue, only affects local users)
@@ -4935,6 +4940,8 @@
        - libapache-mod-jk 1:1.2.23-1 (bug #425836)
 CVE-2007-1859 (XScreenSaver 4.10, when using a remote directory service for 
...)
        - xscreensaver 5.03-1 (low; bug #433964)
+       [etch] - xscreensaver <no-dsa> (Minor issue, requires attacker with 
high level of control, see #433964)
+       [sarge] - xscreensaver <no-dsa> (Minor issue, requires attacker with 
high level of control, see #433964)
 CVE-2007-1858 (The default SSL cipher configuration in Apache Tomcat 4.1.28 
through ...)
        NOTE: insecure ciphers should not be (and usually are not) enabled in 
browsers
        [sarge] - tomcat4 <no-dsa> (low)
@@ -6776,8 +6783,6 @@
 CVE-2007-1218 (Off-by-one buffer overflow in the parse_elements function in 
the ...)
        {DSA-1272-1}
        - tcpdump 3.9.5-2 (bug #413430; low)
-CVE-2007-XXXX [asterisk remote SIP security hole]
-       - asterisk 1:1.2.16~dfsg-1
 CVE-2007-1160 (webSPELL 4.0, and possibly later versions, allows remote 
attackers to ...)
        NOT-FOR-US: webSPELL
 CVE-2007-1159 (Cross-site scripting (XSS) vulnerability in modules/out.php in 
...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r6190 - data/CVE

Reply via email to