[Secure-testing-commits] r6356 - in data: . CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Sun Aug 19 10:01:33 UTC 2007 

Author: jmm-guest
Date: 2007-08-19 10:01:33 +0000 (Sun, 19 Aug 2007)
New Revision: 6356

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
fix mecab version
spamassassin no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-08-19 08:45:39 UTC (rev 6355)
+++ data/CVE/list	2007-08-19 10:01:33 UTC (rev 6356)
@@ -2569,7 +2569,7 @@
 CVE-2007-3232 (The IBM TotalStorage DS400 with firmware 4.15 uses a blank password ...)
 	NOT-FOR-US: IBM
 CVE-2007-3231 (Buffer overflow in MeCab before 0.96 has unknown impact and attack ...)
-	- mecab mecab-0.95-1.1 (bug #429174; low)
+	- mecab 0.95-1.1 (bug #429174; low)
 CVE-2007-3230 (PHP remote file inclusion vulnerability in phphtml.php in Idan Sofer ...)
 	NOT-FOR-US: PHP::HTML
 CVE-2007-3229 (index.php in Singapore Gallery allows remote attackers to obtain ...)
@@ -3397,6 +3397,8 @@
 	- wpasupplicant <not-affected> (Fedora-only issue)
 CVE-2007-2873 (SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as ...)
 	- spamassassin 3.2.1-1 (low)
+	[sarge] - spamassassin <no-dsa> (Only obscure setups affected, only locally exploitable)
+	[etch] - spamassassin <no-dsa> (Only obscure setups affected, only locally exploitable)
 CVE-2007-2872 (Multiple integer overflows in the chunk_split function in PHP 5 before ...)
 	- php5 <unfixed> (unimportant)
 	NOTE: Only triggerable by malicious script

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2007-08-19 08:45:39 UTC (rev 6355)
+++ data/embedded-code-copies	2007-08-19 10:01:33 UTC (rev 6356)
@@ -4,7 +4,7 @@
 xpdf code: (some use xpdf 2, some xpdf 3)
 gpdf (has been replaced by evince - which uses poppler - in Etch)
 pdftohtml (has been replaced by poppler-utils from the poppler source package, still in Etch, though)
-kdegraphics/kpdf (upstream is working on using poppler, #436164)
+kdegraphics/kpdf (okular, the kpdf replacement in KDE 4 is using poppler, #436164)
 tetex-bin (links to poppler since 3.0-12)
 cupsys (uses xpdf-utils, it's still present in the src, though)
 poppler

More information about the Secure-testing-commits mailing list