[Secure-testing-commits] r6355 - data/CVE

[stef-guest at alioth.debian.org]

Author: stef-guest
Date: 2007-08-19 08:45:39 +0000 (Sun, 19 Aug 2007)
New Revision: 6355

Modified:
   data/CVE/list
Log:
madwifi fixed in etch

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-08-18 12:24:32 UTC (rev 6354)
+++ data/CVE/list	2007-08-19 08:45:39 UTC (rev 6355)
@@ -2878,8 +2878,10 @@
 	NOT-FOR-US: Microsoft FrontPage
 CVE-2007-3108 (The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL ...)
 	- openssl 0.9.8e-6 (bug #438142; low)
+	- openssl097 <removed>
 	[sarge] - openssl <no-dsa> (Not exploitable in a real-world scenario)
 	[etch] - openssl <no-dsa> (Not exploitable in a real-world scenario)
+	[etch] - openssl097 <no-dsa> (Not exploitable in a real-world scenario)
 CVE-2007-3107 (The signal handling in the Linux kernel 2.6.2 and later, when run on ...)
 	- linux-2.6 <unfixed> (unimportant)
 	NOTE: Not reproducibly reliably by an attacker, mostly a bug
@@ -3529,13 +3531,13 @@
 	NOT-FOR-US: Cisco
 CVE-2007-2831 (Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ...)
 	- madwifi 1:0.9.3-2 (high; bug #425738)
-	[etch] - madwifi <no-dsa> (Non-free not supported)
+	[etch] - madwifi 1:0.9.2+r1842.20061207-2etch1
 CVE-2007-2830 (The ath_beacon_config function in if_ath.c in MadWifi before 0.9.3.1 ...)
 	- madwifi 1:0.9.3-2 (medium; bug #425738)
-	[etch] - madwifi <no-dsa> (Non-free not supported)
+	[etch] - madwifi 1:0.9.2+r1842.20061207-2etch1
 CVE-2007-2829 (The 802.11 network stack in net80211/ieee80211_input.c in MadWifi ...)
 	- madwifi 1:0.9.3-2 (medium; bug #425738)
-	[etch] - madwifi <no-dsa> (Non-free not supported)
+	[etch] - madwifi 1:0.9.2+r1842.20061207-2etch1
 CVE-2007-2828 (Cross-site request forgery (CSRF) vulnerability in adsense-deluxe.php ...)
 	NOT-FOR-US: AdSense-Deluxe
 CVE-2007-2827 (Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX ...)