Author: jmm-guest
Date: 2007-09-19 20:26:42 +0000 (Wed, 19 Sep 2007)
New Revision: 6645
Modified:
data/CVE/list
Log:
irssi-scripts no-dsa
gimp issue not yet fixed, pinged Mandriva for isolated patch
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-09-19 19:45:21 UTC (rev 6644)
+++ data/CVE/list 2007-09-19 20:26:42 UTC (rev 6645)
@@ -82,7 +82,7 @@
NOT-FOR-US: Microsoft Visual Studio
CVE-2007-4889 (The MySQL extension in PHP 5.2.4 and earlier allows remote
attackers ...)
- php5 <unfixed> (unimportant)
- NOTE: Only triggerable by malicious script
+ NOTE: basedir and safemode not supported
CVE-2007-4888 (The "You are not allowed..." error handler in XWiki
1.0 B1 and 1.0 B2 ...)
NOT-FOR-US: Xwiki
CVE-2007-4887 (The dl function in PHP 5.2.4 and earlier allows
context-dependent ...)
@@ -1190,6 +1190,8 @@
NOT-FOR-US: various IRC now_playing scripts
CVE-2007-4396 (Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3,
(2) ...)
- irssi-scripts <unfixed> (low; bug #439840)
+ [etch] - irssi-scripts <no-dsa> (minor issue)
+ [sarge] - irssi-scripts <no-dsa> (minor issue)
NOTE: weechat-scripts does not include the mentioned scripts
CVE-2007-4395 (Multiple unspecified vulnerabilities in the Role Based Access
Control ...)
NOT-FOR-US: Sun Solaris 8
@@ -2653,7 +2655,8 @@
CVE-2007-3742 (WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone
before ...)
NOT-FOR-US: Apple Safari
CVE-2007-3741 (The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins
in gimp ...)
- - gimp 2.2.16-1 (low)
+ - gimp <unfixed>
+ TODO: Poke maintainer, might be a non-issue, as upstream is fairly well
organized
CVE-2007-3740 (The CIFS filesystem, when Unix extension support is enabled,
does not ...)
- linux-2.6 <unfixed>
CVE-2007-3739 (mm/mmap.c in the hugetlb kernel, when run on PowerPC systems,
does not ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
