[Secure-testing-commits] r7473 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Sun Dec 2 21:14:09 UTC 2007
Author: joeyh
Date: 2007-12-02 21:14:08 +0000 (Sun, 02 Dec 2007)
New Revision: 7473
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-12-02 18:43:06 UTC (rev 7472)
+++ data/CVE/list 2007-12-02 21:14:08 UTC (rev 7473)
@@ -137,6 +137,7 @@
[sarge] - asterisk <not-affected> (Vulnerable code not present)
[etch] - asterisk <not-affected> (Vulnerable code not present)
CVE-2007-6170 (SQL injection vulnerability in the Call Detail Record Postgres logging ...)
+ {DSA-1417-1}
- asterisk <unfixed> (medium)
CVE-2007-6150 (The "internal state tracking" code for the random and urandom devices ...)
- kfreebsd-5 <unfixed> (high; bug #453944)
@@ -422,6 +423,7 @@
CVE-2002-2426 (Cross-site request forgery (CSRF) vulnerability in Citrix Presentation ...)
NOT-FOR-US: predating security tracker
CVE-2007-6035 (SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows ...)
+ {DSA-1418-1}
- cacti 0.8.7a-1 (medium; bug #452085)
CVE-2007-6011 (Unspecified vulnerability in main.php of BugHotel Reservation System ...)
NOT-FOR-US: BugHotel
@@ -2231,8 +2233,8 @@
CVE-2007-5503 (Multiple integer overflows in Cairo before 1.4.12 might allow remote ...)
- libcairo <unfixed> (medium; bug #453686)
CVE-2007-5502 [programming error in openssl fips object module leading to possible disclosure of information]
+ RESERVED
NOT-FOR-US: OpenSSL Fips object module
- RESERVED
CVE-2007-5501 (The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux ...)
- linux-2.6 <unfixed> (high)
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.21)
More information about the Secure-testing-commits
mailing list