[Secure-testing-commits] r6774 - in data: CVE DSA

jmm-guest Wed, 03 Oct 2007 03:17:08 -0700

Author: jmm-guest
Date: 2007-10-03 10:17:04 +0000 (Wed, 03 Oct 2007)
New Revision: 6774


Modified:
   data/CVE/list
   data/DSA/list
Log:
correct version number in OO2 DSA
fix severity of openssl
new kernel issue not affecting debian
CVE-2007-3379 never affected debian


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-10-03 09:14:07 UTC (rev 6773)
+++ data/CVE/list       2007-10-03 10:17:04 UTC (rev 6774)
@@ -112,8 +112,7 @@
        NOT-FOR-US: Php-Nuke
 CVE-2007-5135 (Off-by-one error in the SSL_get_shared_ciphers function in 
OpenSSL ...)
        {DSA-1379-1}
-       - openssl 0.9.8e-9 (high; bug #444435)
-       NOTE: see https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/146269
+       - openssl 0.9.8e-9 (low; bug #444435)
 CVE-2007-5115 (Multiple PHP remote file inclusion vulnerabilities in Ekke 
Doerre ...)
        NOT-FOR-US: Ekke Doerre Contenido
 CVE-2007-5114 (** DISPUTED ** ...)
@@ -2950,8 +2949,9 @@
 CVE-2007-3851 (The drm/i915 component in the Linux kernel before 2.6.22.2, 
when used ...)
        {DSA-1356-1}
        - linux-2.6 2.6.22-4
-CVE-2007-3850
+CVE-2007-3850 [Kernel ppc64 DoS]
        RESERVED
+       - linux-2.6 <not-affected> (Debian's kernel doesn't enable 
CONFIG_PPC_64K_PAGES)
 CVE-2007-3849 (Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the 
Advanced ...)
        NOT-FOR-US: RedHat Advanced Intrusion Detection Environment
 CVE-2007-3848 (Linux kernel 2.4.35 and other versions allows local users to 
send ...)
@@ -4094,7 +4094,7 @@
        - linux-2.6 2.6.23-1
        [etch] - linux-2.6 <not-affected> (Vulnerable code not present)
 CVE-2007-3379 (Unspecified vulnerability in the kernel in Red Hat Enterprise 
Linux ...)
-       - linux-2.6 2.6.12-1
+       - linux-2.6 <not-affected> (Red Hat-specific vulnerability)
 CVE-2007-3378 (The (1) session_save_path, (2) ini_set, and (3) error_log 
functions in ...)
        - php4 <unfixed> (unimportant)
        - php5 <unfixed> (unimportant)

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2007-10-03 09:14:07 UTC (rev 6773)
+++ data/DSA/list       2007-10-03 10:17:04 UTC (rev 6774)
@@ -25,9 +25,6 @@
 [21 Sep 2007] DSA-1377-2 fetchmail - null pointer dereference
        {CVE-2007-4565}
        [etch] - fetchmail 6.3.6-1etch1
-[21 Sep 2007] DSA-1377-1 fetchmail - null pointer reference
-       {CVE-2007-4565}
-       [etch] - fetchmail 6.3.6-1etch1
 [21 Sep 2007] DSA-1376-1 kdebase - programming error
        {CVE-2007-4569}
        [etch] - kdebase 4:3.5.5a.dfsg.1-6etch1
@@ -36,7 +33,7 @@
        [etch] - vim 7.0-122+1etch3
 [17 Sep 2007] DSA-1375-1 openoffice.org - buffer overflow
        {CVE-2007-2834}
-       [etch] - openoffice.org 2.0.4.dfsg.2-7etch2.
+       [etch] - openoffice.org 2.0.4.dfsg.2-7etch2
 [11 Sep 2007] DSA-1373-1 ktorrent - directory traversal vulnerabilities
        {CVE-2007-1799}
        [etch] - ktorrent 2.0.3+dfsg1-2etch1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r6774 - in data: CVE DSA

Reply via email to