[Secure-testing-commits] r6207 - data/CVE

stef-guest at alioth.debian.org stef-guest at alioth.debian.org
Wed Aug 1 19:53:00 UTC 2007 

Author: stef-guest
Date: 2007-08-01 19:52:59 +0000 (Wed, 01 Aug 2007)
New Revision: 6207

Modified:
   data/CVE/list
Log:
fixed: gdm, qt, tcpdump, iceweasel

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-08-01 17:28:27 UTC (rev 6206)
+++ data/CVE/list	2007-08-01 19:52:59 UTC (rev 6207)
@@ -559,13 +559,13 @@
 	RESERVED
 CVE-2007-3845 [firefox external URI handler escaping vulnerability]
 	RESERVED
-	- iceweasel <unfixed> (medium)
+	- iceweasel 2.0.0.6-1 (medium)
 	- xulrunner <unfixed> (medium)
 	- iceape <unfixed> (medium)
 	- icedove <unfixed> (medium)
 CVE-2007-3844 [firefox about:blank regression]
 	RESERVED
-	- iceweasel <unfixed> (medium)
+	- iceweasel 2.0.0.6-1 (medium)
 	- xulrunner <unfixed> (medium)
 	- iceape <unfixed> (medium)
 	- icedove <unfixed> (medium)
@@ -660,7 +660,7 @@
 CVE-2007-3799 (The session_start function in ext/session in PHP 4.x up to 4.4.7 and ...)
 	TODO: check
 CVE-2007-3798 (Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 ...)
-	TODO: check
+	- tcpdump 3.9.5-3 (bug #434030)
 CVE-2007-3797
 	RESERVED
 CVE-2007-3796 (The password reset feature in the Spam Quarantine HTTP interface for ...)
@@ -1596,8 +1596,11 @@
 	REJECTED
 CVE-2007-3394 (Multiple SQL injection vulnerabilities in eNdonesia 8.4 allow remote ...)
 	NOT-FOR-US: eNdonesia
-CVE-2007-3388
+CVE-2007-3388 [qt vulnerability in QTextEdit]
 	RESERVED
+	- qt-x11-free 3:3.3.7-6
+	- qt4-x11 4.3.0-5
+	NOTE: there is some dissagreement whether qt4 is affected
 CVE-2007-3387 (Integer overflow in the StreamPredictor::StreamPredictor function in ...)
 	- poppler <unfixed> (bug #435460)
 	- gpdf <removed>
@@ -1621,8 +1624,9 @@
 	NOTE: affects example app in tomcat4-webapps
 CVE-2007-3382
 	RESERVED
-CVE-2007-3381
+CVE-2007-3381 [gdm DoS]
 	RESERVED
+	- gdm 2.18.4-1
 CVE-2007-3380 (The Distributed Lock Manager (DLM) in the cluster manager for Linux ...)
 	TODO: check
 CVE-2007-3379

More information about the Secure-testing-commits mailing list