[Secure-testing-commits] r6350 - in data: CVE DSA

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Fri Aug 17 17:59:56 UTC 2007


Author: jmm-guest
Date: 2007-08-17 17:59:55 +0000 (Fri, 17 Aug 2007)
New Revision: 6350

Modified:
   data/CVE/list
   data/DSA/list
Log:
add kernel fixes from stable kernel update
knowledgetree still in oldstable
kfreebsd not supported
remove duped kernel entry, the correct CVE is -2007-


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-08-17 14:21:40 UTC (rev 6349)
+++ data/CVE/list	2007-08-17 17:59:55 UTC (rev 6350)
@@ -188,7 +188,7 @@
 	- serendipity 1.1.4-1
 	[etch] - serendipity <not-affected> (introduced in 1.1.x)
 CVE-2007-4281 (Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source ...)
-	NOT-FOR-US: KnowledgeTree
+	- knowledgetree <removed>
 CVE-2007-4279 (PHP remote file inclusion vulnerability in config.php in ...)
 	NOT-FOR-US: FrontAccounting
 CVE-2007-4278 (Stack-based buffer overflow in ESRI ArcSDE service 9.2, as used with ...)
@@ -1413,8 +1413,10 @@
 	NOT-FOR-US: Solaris
 CVE-2007-3722 (The 4BSD process scheduler in the FreeBSD kernel performs scheduling ...)
 	- kfreebsd-5 <unfixed> (low)
+	[etch] - kfreebsd-5 <no-dsa> (kfreebsd not supported)
 CVE-2007-3721 (The ULE process scheduler in the FreeBSD kernel gives preference to ...)
 	- kfreebsd-5 <unfixed> (low)
+	[etch] - kfreebsd-5 <no-dsa> (kfreebsd not supported)
 CVE-2007-3720 (The process scheduler in the Linux kernel 2.4 performs scheduling ...)
 	TODO: check
 CVE-2007-3719 (The process scheduler in the Linux kernel 2.6.16 gives preference to ...)
@@ -18135,9 +18137,8 @@
 	RESERVED
 CVE-2006-3643 (Cross-site scripting (XSS) vulnerability in Internet Explorer 5.01 and ...)
 	NOT-FOR-US: Microsoft
-CVE-2006-3642 [h323 conntrack remote DoS]
+CVE-2006-3642
 	RESERVED
-	- linux-2.6 2.6.21-6 (medium)
 CVE-2006-3641
 	RESERVED
 CVE-2006-3640 (Microsoft Internet Explorer 5.01 and 6 allows certain script to ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2007-08-17 14:21:40 UTC (rev 6349)
+++ data/DSA/list	2007-08-17 17:59:55 UTC (rev 6350)
@@ -1,6 +1,7 @@
 [15 Aug 2007] DSA-1356-1 linux-2.6 - several vulnerabilities
-	{CVE-2007-1353 CVE-2007-2172 CVE-2007-2453 CVE-2007-2525 CVE-2007-2876 CVE-2007-3513 CVE-2007-3642 CVE-2007-3848 CVE-2007-3851}
+	{CVE-2007-1353 CVE-2007-2172 CVE-2007-2453 CVE-2007-2525 CVE-2007-2876 CVE-2007-3513 CVE-2007-3642 CVE-2007-3848 CVE-2007-3851 CVE-2007-2242 CVE-2006-5753}
 	[etch] - linux-2.6 2.6.18.dfsg.1-13etch1
+	NOTE: The above entry includes fixes pulled in through -13 in 4.0r1
 [13 Aug 2007] DSA-1355-1 kdegraphics - integer overflow
 	{CVE-2007-3387}
 	[sarge] - kdegraphics 4:3.3.2-2sarge5




More information about the Secure-testing-commits mailing list