[Secure-testing-commits] r5204 - data/CVE

Stefan Fritsch stef-guest at alioth.debian.org
Sat Dec 30 23:56:45 CET 2006


Author: stef-guest
Date: 2006-12-30 23:56:43 +0100 (Sat, 30 Dec 2006)
New Revision: 5204

Modified:
   data/CVE/list
Log:
- CVE-2006-0579: mplayer already fixed
- CVE-2005-4784: does not affect linux


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-12-30 22:24:06 UTC (rev 5203)
+++ data/CVE/list	2006-12-30 22:56:43 UTC (rev 5204)
@@ -11605,7 +11605,8 @@
 CVE-2006-1710 (SQL injection vulnerability in admin.php in Design Nation DNGuestbook ...)
 	NOT-FOR-US: DNGuestbook
 CVE-2005-4784 (Multiple buffer overflows in the POSIX readdir_r function, as used in ...)
-	TODO: check
+	NOTE: this does not affect linux
+	TODO: check kfreebsd
 CVE-2005-4783 (kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not ...)
 	NOT-FOR-US: NetBSD
 CVE-2005-4782 (NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is ...)
@@ -14348,7 +14349,8 @@
 CVE-2006-0580 (IBM Lotus Domino Server 7.0 allows remote attackers to cause a denial ...)
 	NOT-FOR-US: Lotus Domino
 CVE-2006-0579 (Multiple integer overflows in (1) the new_demux_packet function in ...)
-	TODO: check, whether the vulnerable code is present in xine-lib or ffmpeg
+	- mplayer <not-affected> (fixed before first upload; 1.0pre7try3)
+	NOTE: code not in ffmpeg and xine-lib 
 CVE-2006-0578 (Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce ...)
 	NOT-FOR-US: Blue Coat Proxy Security Gateway OS
 CVE-2006-0577 (Lexmark X1185 printer allows local users to gain SYSTEM privileges by ...)




More information about the Secure-testing-commits mailing list