[Secure-testing-commits] r10725 - data/CVE

thijs Thu, 18 Dec 2008 03:00:40 -0800

Author: thijs
Date: 2008-12-18 11:00:29 +0000 (Thu, 18 Dec 2008)
New Revision: 10725


Modified:
   data/CVE/list
Log:
point update r6 released


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2008-12-18 05:18:03 UTC (rev 10724)
+++ data/CVE/list       2008-12-18 11:00:29 UTC (rev 10725)
@@ -1356,6 +1356,8 @@
        [etch] - typo3-src <not-affected> (Typo3 versions below 4.2.x are not 
affected)
 CVE-2008-XXXX [websvn Cross Site Scripting and Directory Traversal]
        - websvn 2.0-4 (bug #503330)
+       [etch] - websvn 1.61-21
+       NOTE: Fixed in etch r6 point update
        NOTE: http://www.gulftech.org/?node=research&article_id=00132-10202008
 CVE-2008-5033 (The chip_command function in drivers/media/video/tvaudio.c in 
the ...)
        - linux-2.6 2.6.26-11
@@ -1726,9 +1728,8 @@
        - python2.4 2.4.5-6 (bug #504620)
 CVE-2008-4863 (Untrusted search path vulnerability in BPY_interface in Blender 
2.46 ...)
        - blender 2.46+dfsg-5 (bug #503632; low)
-       [etch] - blender <no-dsa> (Minor issue)
-       TODO:   [etch] - blender 2.42a-8
-       NOTE: Scheduled for r6
+       [etch] - blender 2.42a-8
+       NOTE: minor issue fixed in etch r6 point update
 CVE-2008-4862
        RESERVED
 CVE-2008-4861
@@ -2451,9 +2452,8 @@
        NOT-FOR-US: Sun Solstice AdminSuite
 CVE-2008-4555 (Stack-based buffer overflow in the push_subg function in 
parser.y ...)
        - graphviz 2.20.2-3 (low)
-       [etch] - graphviz <no-dsa> (Minor issue)
-       TODO:   [etch] - graphviz 2.8-3+etch1
-       NOTE: Scheduled for r6
+       [etch] - graphviz 2.8-3+etch1
+       NOTE: minor issue fixed in etch r6 point update
 CVE-2008-4554 (The do_splice_from function in fs/splice.c in the Linux kernel 
before ...)
        {DSA-1687-1 DSA-1681-1}
        - linux-2.6 2.6.26-9
@@ -3311,7 +3311,6 @@
        [etch] - linux-ftpd-ssl <no-dsa> (Minor issue)
        - linux-ftpd 0.17-29 (bug #500278)
        [etch] - linux-ftpd <no-dsa> (Minor issue)
-       NOTE: Scheduled for r6
 CVE-2008-XXXX [possible script injection via /etc/wordpress/wp-config.php]
        - wordpress <unfixed> (bug #500295; unimportant)
        NOTE: bigger problems, if attacker has access to /etc/wordpress/*
@@ -23522,7 +23521,9 @@
 CVE-2007-2873 (SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when 
running as ...)
        - spamassassin 3.2.1-1 (low)
        [sarge] - spamassassin <no-dsa> (Only obscure setups affected, only 
locally exploitable)
-       [etch] - spamassassin <no-dsa> (Only obscure setups affected, only 
locally exploitable)
+       [etch] - spamassassin 3.1.7-2etch1
+       NOTE: Minor issue fixed in etch r6 point update
+       NOTE: Only obscure setups affected, only locally exploitable
 CVE-2007-2872 (Multiple integer overflows in the chunk_split function in PHP 5 
before ...)
        - php5 5.2.3-1 (unimportant)
        NOTE: Only triggerable by malicious script


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r10725 - data/CVE

Reply via email to