[Secure-testing-commits] r11151 - data/CVE

Thu, 05 Feb 2009 09:43:24 -0800 

Author: white
Date: 2009-02-05 17:43:19 +0000 (Thu, 05 Feb 2009)
New Revision: 11151

Modified:
   data/CVE/list
Log:
Fix gst-plugins entries so they reflect the real situation between good and bad 
plugins

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-02-05 12:01:36 UTC (rev 11150)
+++ data/CVE/list       2009-02-05 17:43:19 UTC (rev 11151)
@@ -37,9 +37,14 @@
        NOT-FOR-US: SocialEngine
 CVE-2009-0399 (Chipmunk Blogger Script allows remote attackers to gain 
administrator ...)
        NOT-FOR-US: Chipmunk Blogger Script
+CVE-2009-0398 (Array index error in the gst_qtp_trak_handler function in ...)
+       - gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
+       - gst-plugins-bad0.10 <not-affected> (Vulnerable code not present)
 CVE-2009-0397 (Heap-based buffer overflow in the qtdemux_parse_samples 
function in ...)
        - gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
        [lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1
+       [etch] - gst-plugins-good0.10 <not-affected> (plugin in other package)
+       - gst-plugins-bad0.10 0.10.4-1
 CVE-2009-0396 (The Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, 
K660i, ...)
        NOT-FOR-US: Sony Ericsson
 CVE-2009-0395 (SQL injection vulnerability in the login feature in NetArt 
Media Car ...)
@@ -61,9 +66,13 @@
 CVE-2009-0387 (Array index error in the qtdemux_parse_samples function in ...)
        - gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
        [lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1
+       [etch] - gst-plugins-good0.10 <not-affected> (plugin in other package)
+       - gst-plugins-bad0.10 0.10.4-1
 CVE-2009-0386 (Heap-based buffer overflow in the qtdemux_parse_samples 
function in ...)
        - gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
        [lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1
+       [etch] - gst-plugins-good0.10 <not-affected> (plugin in other package)
+       - gst-plugins-bad0.10 0.10.4-1
 CVE-2009-0384 (SQL injection vulnerability in autor.php in OwnRS CMS 1.2 
allows ...)
        NOT-FOR-US: OwnRS CMS
 CVE-2009-0383 (delete.php in Max.Blog 1.0.6 does not properly restrict access, 
which ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to