[Secure-testing-commits] r6343 - data/CVE
joeyh at alioth.debian.org
Thu Aug 16 21:14:09 UTC 2007
Author: joeyh
Date: 2007-08-16 21:14:08 +0000 (Thu, 16 Aug 2007)
New Revision: 6343
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-16 20:58:17 UTC (rev 6342)
+++ data/CVE/list 2007-08-16 21:14:08 UTC (rev 6343)
@@ -699,7 +699,7 @@
CVE-2007-4042 (Multiple argument injection vulnerabilities in Netscape Navigator 9 ...)
NOT-FOR-US: Netscape Navigator
CVE-2007-4041 (Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 ...)
- {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1}
+ {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1}
- iceweasel 2.0.0.6-1
CVE-2007-4040 (Argument injection vulnerability involving Microsoft Outlook and ...)
NOT-FOR-US: Micrsoft Outlook
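Review bot: On the CVE-2007-4041 entry, the advisory set grows to six references while the only package line is still `- iceweasel 2.0.0.6-1`, with no urgency. CVE-2007-3845 in this same commit carries the identical advisory set and lists xulrunner, iceape and icedove with (medium); please confirm whether the packages covered by DTSA-52-1 and DTSA-53-1 need their own lines here, and add an urgency to match. The unchanged context line `NOT-FOR-US: Micrsoft Outlook` also misspells "Microsoft" and could be corrected in a follow-up.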
@@ -1094,25 +1094,27 @@
CVE-2007-3852 (The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates ...)
TODO: check
CVE-2007-3851 (The drm/i915 component in the Linux kernel before 2.6.22.2, when used ...)
+ {DSA-1356-1}
TODO: check
CVE-2007-3850
RESERVED
CVE-2007-3849
RESERVED
CVE-2007-3848 (Linux kernel 2.4.35 and other versions allows local users to send ...)
+ {DSA-1356-1}
TODO: check
CVE-2007-3847
RESERVED
CVE-2007-3846
RESERVED
CVE-2007-3845 (Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x ...)
- {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1}
+ {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1}
- iceweasel 2.0.0.6-1 (medium)
- xulrunner 1.8.1.6-1 (medium)
- iceape 1.1.3-2 (medium)
- icedove <unfixed> (medium)
CVE-2007-3844 (Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and ...)
- {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1}
+ {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1}
- iceweasel 2.0.0.6-1 (medium)
- xulrunner 1.8.1.6-1 (medium)
- iceape 1.1.3-2 (medium)
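Review bot: CVE-2007-3851 and CVE-2007-3848 gain `{DSA-1356-1}` but both still read `TODO: check` and have no package line. The other entries tagged with DSA-1356-1 in this commit all track `linux-2.6`; replace the TODO with a `- linux-2.6 ...` line (fixed version or `<unfixed>`, plus urgency) so these entries do not stay marked as untriaged while an advisory is attached to them.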
@@ -1580,6 +1582,7 @@
CVE-2007-3643 (admin/index.php in AV Arcade 2.1b grants administrative privileges ...)
NOT-FOR-US: AV Arcade
CVE-2007-3642 (The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c ...)
+ {DSA-1356-1}
- linux-2.6 2.6.22-2
CVE-2007-3641 (archive_read_support_format_tar.c in libarchive before 2.2.4 does not ...)
- libarchive 2.2.4-1 (bug #432924; low)
@@ -1885,6 +1888,7 @@
CVE-2007-3514 (Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows ...)
NOT-FOR-US: Apple Safari
CVE-2007-3513 (The lcd_write function in drivers/usb/misc/usblcd.c in the Linux ...)
+ {DSA-1356-1}
- linux-2.6 <unfixed>
CVE-2007-3512 (Stack-based buffer overflow in Lhaca File Archiver before 1.22 allows ...)
NOT-FOR-US: Lhaca
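Review bot: CVE-2007-3513 now references DSA-1356-1 while its package line stays `- linux-2.6 <unfixed>` with no urgency and no bug number. Add an urgency and, if a bug report exists, its reference, in the form the libarchive and findutils entries in this file use (`bug #432924; low`), so the open status is tracked rather than only implied.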
@@ -3380,6 +3384,7 @@
CVE-2007-2877 (Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 ...)
NOTE: Not a security issue; Windows-only anyway.
CVE-2007-2876 (The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) ...)
+ {DSA-1356-1}
- linux-2.6 2.6.21-5 (medium)
CVE-2007-2875 (Integer underflow in the cpuset_tasks_read function in the Linux ...)
- linux-2.6 2.6.21-5 (medium)
@@ -4202,6 +4207,7 @@
CVE-2007-2526 (Heap-based buffer overflow in the ConnectAsyncEx function in VNC ...)
NOT-FOR-US: VNC Viewer ActiveX control
CVE-2007-2525 (Memory leak in the PPP over Ethernet (PPPoE) socket implementation in ...)
+ {DSA-1356-1}
- linux-2.6 <unfixed>
CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in OTRS (Open ...)
{DSA-1298-1}
@@ -4369,6 +4375,7 @@
CVE-2007-2454 (Heap-based buffer overflow in the VGA device in Parallels allows local ...)
NOT-FOR-US: Parallels
CVE-2007-2453 (The random number feature in Linux kernel 2.6 before 2.6.20.13, and ...)
+ {DSA-1356-1}
- linux-2.6 2.6.21-5 (low)
CVE-2007-2452 (Heap-based buffer overflow in the visit_old_format function in ...)
- findutils 4.2.31-1 (low; bug #426862)
@@ -5023,6 +5030,7 @@
CVE-2007-2173 (Eval injection vulnerability in (1) courier-imapd.indirect and (2) ...)
NOT-FOR-US: Gentoo's packaging of courier
CVE-2007-2172 (A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 ...)
+ {DSA-1356-1}
- linux-2.6 <unfixed> (medium)
CVE-2007-2171 (Stack-based buffer overflow in the base64_decode function in ...)
NOT-FOR-US: Novell GroupWise
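Review bot: On CVE-2007-2172, `- linux-2.6 <unfixed> (medium)` looks stale next to the description, which places the 2.6 fix in 2.6.21-rc6, while CVE-2007-2876 and CVE-2007-2453 in this commit already record 2.6.21-5 as a fixed linux-2.6 version. Please verify whether the packaged kernel includes the fix and, if so, record the fixed version on this line when attaching the DSA reference.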
@@ -6991,6 +6999,7 @@
CVE-2007-1354 (The Access Control functionality (JMXOpsAccessControlFilter) in JMX ...)
NOT-FOR-US: JBoss Application Server
CVE-2007-1353 (The setsockopt function in the L2CAP and HCI Bluetooth support in the ...)
+ {DSA-1356-1}
- linux-2.6 <unfixed> (low)
CVE-2007-1352 (Integer overflow in the FontFileInitTable function in X.Org libXfont ...)
{DSA-1294-1}