[Secure-testing-commits] r11794 - data/CVE

Tue, 05 May 2009 07:42:33 -0700 

Author: nion
Date: 2009-05-05 14:42:28 +0000 (Tue, 05 May 2009)
New Revision: 11794

Modified:
   data/CVE/list
Log:
- new kfreebsd-7 issue doesn't affect us
- CVE-2009-14[15-17] fixed ingnutls26 2.6.6-1, -15 and -16 don't affect 
etch/lenny


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-05-05 14:28:10 UTC (rev 11793)
+++ data/CVE/list       2009-05-05 14:42:28 UTC (rev 11794)
@@ -242,7 +242,7 @@
 CVE-2009-1437 (Stack-based buffer overflow in PortableApps CoolPlayer Portable 
(aka ...)
        NOT-FOR-US: CoolPlayer
 CVE-2009-1436 (The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and ...)
-       TODO: check
+       - kfreebsd-7 <not-affected> (kfreebsd uses a different libc version)
 CVE-2009-1435 (NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 
SP1 ...)
        NOT-FOR-US: Trend Micro OfficeScan
 CVE-2009-1434 (Cross-site request forgery (CSRF) vulnerability in Foswiki 
before ...)
@@ -288,11 +288,15 @@
 CVE-2009-1418
        RESERVED
 CVE-2009-1417 (gnutls-cli in GnuTLS before 2.6.6 does not verify the 
activation and ...)
-       TODO: check
+       - gnutls26 2.6.6-1 (medium)
 CVE-2009-1416 (lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 
generates ...)
-       TODO: check
+       - gnutls26 2.6.6-1 (medium)
+       [lenny] - gnutls26 <not-affected> (Vulnerable code not present)
+       [etch] - gnutls26 <not-affected> (Vulnerable code not present)
 CVE-2009-1415 (lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not 
...)
-       TODO: check
+       - gnutls26 2.6.6-1 (medium)
+       [lenny] - gnutls26 <not-affected> (Vulnerable code not present)
+       [etch] - gnutls26 <not-affected> (Vulnerable code not present)
 CVE-2009-1414 (Google Chrome 2.0.x lets modifications to the global object 
persist ...)
        - chromium-browser <itp> (bug #520324)
 CVE-2009-1413 (Google Chrome 1.0.x does not cancel timeouts upon a page 
transition, ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to