[Secure-testing-commits] r7486 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Mon Dec 3 21:14:10 UTC 2007 

Author: joeyh
Date: 2007-12-03 21:14:09 +0000 (Mon, 03 Dec 2007)
New Revision: 7486

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-12-03 17:29:03 UTC (rev 7485)
+++ data/CVE/list	2007-12-03 21:14:09 UTC (rev 7486)
@@ -1,3 +1,5 @@
+CVE-2007-6202 (SQL injection vulnerability in plugins/search/search.php in Neocrome ...)
+	TODO: check
 CVE-2007-XXXX [privilege escalation in sing]
 	- sing <unfixed> (high; bug #454167)
 CVE-2007-XXXX [insecure tmp file handling in difflog.pl shipped by zsh]
@@ -2,3 +4,3 @@
 	- zsh <unfixed> (low; bug #454073)
-CVE-2007-6201 [remote denial of service vulnerability in wesnoth through turn_cmd]
+CVE-2007-6201 (Unspecified vulnerability in Wesnoth before 1.2.8 allows attackers to ...)
 	- wesnoth 1:1.2.8-1 (low)
@@ -654,7 +656,7 @@
 CVE-2007-5926 (OpenBase 10.0.5 and earlier allows remote authenticated users to ...)
 	NOT-FOR-US: OpenBase
 CVE-2007-5925 (The convert_search_mode_to_innobase function in ha_innodb.cc in the ...)
-	{DSA-1413-1}
+	{DSA-1413-1 DTSA-91-1}
 	- mysql-dfsg-5.0 5.0.45-3 (medium; bug #451235)
 	- mysql-dfsg-4.1 <removed>
 	- mysql-dfsg <removed>
@@ -1064,8 +1066,7 @@
 	RESERVED
 CVE-2007-5743
 	RESERVED
-CVE-2007-5742 [directory traversal vulnerability in wesnoth]
-	RESERVED
+CVE-2007-5742 (Directory traversal vulnerability in the WML engine preprocessor for ...)
 	{DTSA-90-1}
 	- wesnoth 1:1.2.8-1 (medium; bug #453500)
 CVE-2007-5741 (Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers ...)
@@ -2237,8 +2238,7 @@
 	NOT-FOR-US: Oracle
 CVE-2007-5503 (Multiple integer overflows in Cairo before 1.4.12 might allow remote ...)
 	- libcairo <unfixed> (medium; bug #453686)
-CVE-2007-5502 [programming error in openssl fips object module leading to possible disclosure of information]
-	RESERVED
+CVE-2007-5502 (The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does ...)
 	NOT-FOR-US: OpenSSL Fips object module
 CVE-2007-5501 (The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux ...)
 	- linux-2.6 <unfixed> (high)

More information about the Secure-testing-commits mailing list