[Secure-testing-commits] r7682 - data/CVE

stef-guest at alioth.debian.org stef-guest at alioth.debian.org
Sat Dec 22 13:02:18 UTC 2007 

Author: stef-guest
Date: 2007-12-22 13:02:18 +0000 (Sat, 22 Dec 2007)
New Revision: 7682

Modified:
   data/CVE/list
Log:
- new wireshark issues fixed
- new unp issue fixed
- adjust clamav version for volatile


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-12-22 12:29:08 UTC (rev 7681)
+++ data/CVE/list	2007-12-22 13:02:18 UTC (rev 7682)
@@ -1,3 +1,5 @@
+CVE-2007-XXXX [unp insufficient escaping of shell meta characters]
+	- unp 1.0.13 (bug #448437)
 CVE-2007-6507 (SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, ...)
 	NOT-FOR-US: Trend Micro ServerProtect
 CVE-2007-6506 (The HPRulesEngine.ContentCollection.1 ActiveX Control in ...)
@@ -116,9 +118,11 @@
 CVE-2007-6452 (Unspecified vulnerability in the benchmark reporting system in Google ...)
 	- gwt <itp> (bug #402841)
 CVE-2007-6451 (Unspecified vulnerability in the CIP dissector in Wireshark (formerly ...)
-	TODO: Check
+	- wireshark 0.99.7-1
+	[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.8.16)
 CVE-2007-6450 (The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 ...)
-	TODO: Check
+	- wireshark 0.99.7-1
+	[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.8.16)
 CVE-2007-6449
 	REJECTED
 CVE-2007-6448
@@ -140,9 +144,11 @@
 CVE-2007-6440
 	REJECTED
 CVE-2007-6439 (Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause ...)
-	TODO: check
+	- wireshark 0.99.7-1
+	[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.8.16)
 CVE-2007-6438 (Unspecified vulnerability in the SMB dissector in Wireshark (formerly ...)
-	TODO: check
+	- wireshark 0.99.7-1
+	[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.8.16)
 CVE-2007-6437 (Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows ...)
 	- syslog-ng <unfixed> (low; bug #457334)
 CVE-2003-1538 (susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and ...)
@@ -394,13 +400,13 @@
 CVE-2007-6337
 	RESERVED
 	{DTSA-101-1}
-	- clamav 0.92~dfsg-1
+	- clamav 0.92~dfsg-1~volatile2
 CVE-2007-6336 (Off-by-one error in ClamAV before 0.92 allows remote attackers to ...)
 	{DTSA-101-1}
-	- clamav 0.92~dfsg-1
+	- clamav 0.92~dfsg-1~volatile2
 CVE-2007-6335 (Integer overflow in libclamav in ClamAV before 0.92 allows remote ...)
 	{DTSA-101-1}
-	- clamav 0.92~dfsg-1
+	- clamav 0.92~dfsg-1~volatile2
 CVE-2007-6334 (Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and ...)
 	NOT-FOR-US: Ingres on Windows
 CVE-2007-6333 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as ...)

More information about the Secure-testing-commits mailing list