[Secure-testing-commits] r6343 - data/CVE

joeyh Thu, 16 Aug 2007 17:49:27 -0700

Author: joeyh
Date: 2007-08-16 21:14:08 +0000 (Thu, 16 Aug 2007)
New Revision: 6343


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-08-16 20:58:17 UTC (rev 6342)
+++ data/CVE/list       2007-08-16 21:14:08 UTC (rev 6343)
@@ -699,7 +699,7 @@
 CVE-2007-4042 (Multiple argument injection vulnerabilities in Netscape 
Navigator 9 ...)
        NOT-FOR-US: Netscape Navigator
 CVE-2007-4041 (Multiple argument injection vulnerabilities in Mozilla Firefox 
2.0.0.5 ...)
-       {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1}
+       {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1}
        - iceweasel 2.0.0.6-1
 CVE-2007-4040 (Argument injection vulnerability involving Microsoft Outlook 
and ...)
        NOT-FOR-US: Micrsoft Outlook
@@ -1094,25 +1094,27 @@
 CVE-2007-3852 (The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 
creates ...)
        TODO: check
 CVE-2007-3851 (The drm/i915 component in the Linux kernel before 2.6.22.2, 
when used ...)
+       {DSA-1356-1}
        TODO: check
 CVE-2007-3850
        RESERVED
 CVE-2007-3849
        RESERVED
 CVE-2007-3848 (Linux kernel 2.4.35 and other versions allows local users to 
send ...)
+       {DSA-1356-1}
        TODO: check
 CVE-2007-3847
        RESERVED
 CVE-2007-3846
        RESERVED
 CVE-2007-3845 (Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 
2.x ...)
-       {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1}
+       {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1}
        - iceweasel 2.0.0.6-1 (medium)
        - xulrunner 1.8.1.6-1 (medium)
        - iceape 1.1.3-2 (medium)
        - icedove <unfixed> (medium)
 CVE-2007-3844 (Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 
1.5.0.13, and ...)
-       {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1}
+       {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1}
        - iceweasel 2.0.0.6-1 (medium)
        - xulrunner 1.8.1.6-1 (medium)
        - iceape 1.1.3-2 (medium)
@@ -1580,6 +1582,7 @@
 CVE-2007-3643 (admin/index.php in AV Arcade 2.1b grants administrative 
privileges ...)
        NOT-FOR-US: AV Arcade
 CVE-2007-3642 (The decode_choice function in 
net/netfilter/nf_conntrack_h323_asn1.c ...)
+       {DSA-1356-1}
        - linux-2.6 2.6.22-2
 CVE-2007-3641 (archive_read_support_format_tar.c in libarchive before 2.2.4 
does not ...)
        - libarchive 2.2.4-1 (bug #432924; low)
@@ -1885,6 +1888,7 @@
 CVE-2007-3514 (Cross-domain vulnerability in Apple Safari for Windows 3.0.2 
allows ...)
        NOT-FOR-US: Apple Safari
 CVE-2007-3513 (The lcd_write function in drivers/usb/misc/usblcd.c in the 
Linux ...)
+       {DSA-1356-1}
        - linux-2.6 <unfixed>
 CVE-2007-3512 (Stack-based buffer overflow in Lhaca File Archiver before 1.22 
allows ...)
        NOT-FOR-US: Lhaca
@@ -3380,6 +3384,7 @@
 CVE-2007-2877 (Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 
8.5a6 ...)
        NOTE: Not a security issue; Windows-only anyway.
 CVE-2007-2876 (The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) 
...)
+       {DSA-1356-1}
        - linux-2.6 2.6.21-5 (medium)
 CVE-2007-2875 (Integer underflow in the cpuset_tasks_read function in the 
Linux ...)
        - linux-2.6 2.6.21-5 (medium)
@@ -4202,6 +4207,7 @@
 CVE-2007-2526 (Heap-based buffer overflow in the ConnectAsyncEx function in 
VNC ...)
        NOT-FOR-US: VNC Viewer ActiveX control
 CVE-2007-2525 (Memory leak in the PPP over Ethernet (PPPoE) socket 
implementation in ...)
+       {DSA-1356-1}
        - linux-2.6 <unfixed>
 CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in OTRS 
(Open ...)
        {DSA-1298-1}
@@ -4369,6 +4375,7 @@
 CVE-2007-2454 (Heap-based buffer overflow in the VGA device in Parallels 
allows local ...)
        NOT-FOR-US: Parallels
 CVE-2007-2453 (The random number feature in Linux kernel 2.6 before 2.6.20.13, 
and ...)
+       {DSA-1356-1}
        - linux-2.6 2.6.21-5 (low)
 CVE-2007-2452 (Heap-based buffer overflow in the visit_old_format function in 
...)
        - findutils 4.2.31-1 (low; bug #426862)
@@ -5023,6 +5030,7 @@
 CVE-2007-2173 (Eval injection vulnerability in (1) courier-imapd.indirect and 
(2) ...)
        NOT-FOR-US: Gentoo's packaging of courier
 CVE-2007-2172 (A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 
2.4.35 ...)
+       {DSA-1356-1}
        - linux-2.6 <unfixed> (medium)
 CVE-2007-2171 (Stack-based buffer overflow in the base64_decode function in 
...)
        NOT-FOR-US: Novell GroupWise
@@ -6991,6 +6999,7 @@
 CVE-2007-1354 (The Access Control functionality (JMXOpsAccessControlFilter) in 
JMX ...)
        NOT-FOR-US: JBoss Application Server
 CVE-2007-1353 (The setsockopt function in the L2CAP and HCI Bluetooth support 
in the ...)
+       {DSA-1356-1}
        - linux-2.6 <unfixed> (low)
 CVE-2007-1352 (Integer overflow in the FontFileInitTable function in X.Org 
libXfont ...)
        {DSA-1294-1}


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r6343 - data/CVE

Reply via email to