Author: white
Date: 2007-08-22 04:47:52 +0000 (Wed, 22 Aug 2007)
New Revision: 6372
Modified:
data/CVE/list
Log:
zziplib fixed in latest MU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-21 21:14:12 UTC (rev 6371)
+++ data/CVE/list 2007-08-22 04:47:52 UTC (rev 6372)
@@ -6336,7 +6336,7 @@
CVE-2007-1615 (SQL injection vulnerability in index.php in ScriptMagix Jokes
2.0 and ...)
NOT-FOR-US: ScriptMagix
CVE-2007-1614 (Stack-based buffer overflow in the zzip_open_shared_io function
in ...)
- - zziplib <unfixed> (bug #436701; low)
+ - zziplib 0.13.49-0 (bug #436701; low)
[etch] - zziplib <no-dsa> (Minor issue)
NOTE:
http://www.securitylab.ru/forum/read.php?FID=21&TID=40858&MID=326187#message326187
NOTE: If an attacker can supply arbitrary file names, we likely suffer
from
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
