[Secure-testing-commits] r7728 - data/CVE

[joeyh at alioth.debian.org]

Author: joeyh
Date: 2007-12-26 21:14:09 +0000 (Wed, 26 Dec 2007)
New Revision: 7728

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-12-26 15:51:00 UTC (rev 7727)
+++ data/CVE/list	2007-12-26 21:14:09 UTC (rev 7728)
@@ -1,3 +1,19 @@
+CVE-2007-6524 (Opera before 9.25 allows remote attackers to obtain potentially ...)
+	TODO: check
+CVE-2007-6523 (Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before ...)
+	TODO: check
+CVE-2007-6522 (The rich text editing functionality in Opera before 9.25 allows remote ...)
+	TODO: check
+CVE-2007-6521 (Unspecified vulnerability in Opera before 9.25 allows remote attackers ...)
+	TODO: check
+CVE-2007-6520 (Opera before 9.25 allows remote attackers to conduct cross-domain ...)
+	TODO: check
+CVE-2007-6519 (Unspecified vulnerability in the File-on-File Mounting File System ...)
+	TODO: check
+CVE-2007-6518 (Multiple SQL injection vulnerabilities in search.php in WoltLab ...)
+	TODO: check
+CVE-2007-6517 (SQL injection vulnerability in the forget password section ...)
+	TODO: check
 CVE-2007-XXXX [remote buffer overflow in tcpreen]
 	- tcpreen 1.4.3-0.3 (medium; bug #457781)
 	NOTE: CVE id pending
@@ -153,9 +169,11 @@
 CVE-2007-6452 (Unspecified vulnerability in the benchmark reporting system in Google ...)
 	- gwt <itp> (bug #402841)
 CVE-2007-6451 (Unspecified vulnerability in the CIP dissector in Wireshark (formerly ...)
+	{DTSA-104-1}
 	- wireshark 0.99.7-1
 	- ethereal <removed>
 CVE-2007-6450 (The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 ...)
+	{DTSA-104-1}
 	- wireshark 0.99.7-1
 	- ethereal <removed>
 CVE-2007-6449
@@ -175,20 +193,24 @@
 CVE-2007-6442
 	REJECTED
 CVE-2007-6441 (The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows ...)
+	{DTSA-104-1}
 	- wireshark 0.99.7-1
 	[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.99.6)
 	[etch] - wireshark <not-affected> (vulnerable code introduced in 0.99.6)
 CVE-2007-6440
 	REJECTED
 CVE-2007-6439 (Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause ...)
+	{DTSA-104-1}
 	- wireshark 0.99.7-1
 	[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.99.6)
 	[etch] - wireshark <not-affected> (vulnerable code introduced in 0.99.6)
 CVE-2007-6438 (Unspecified vulnerability in the SMB dissector in Wireshark (formerly ...)
+	{DTSA-104-1}
 	- wireshark 0.99.7-1
 	[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.99.6)
 	[etch] - wireshark <not-affected> (vulnerable code introduced in 0.99.6)
 CVE-2007-6437 (Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows ...)
+	{DTSA-105-1}
 	- syslog-ng 2.0.6-1 (low; bug #457334)
 CVE-2003-1538 (susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and ...)
 	NOT-FOR-US: predating security tracker
@@ -238,8 +260,8 @@
 	RESERVED
 CVE-2007-6420
 	RESERVED
-CVE-2007-6419
-	RESERVED
+CVE-2007-6419 (Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, ...)
+	TODO: check
 CVE-2007-6417 (The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through ...)
 	{DSA-1436-1}
 	- linux-2.6 2.6.23-2
@@ -304,6 +326,7 @@
 CVE-2007-6388
 	RESERVED
 CVE-2007-6358 (pdftops.pl before 1.20 in alternate pdftops filter allows local users ...)
+	{DSA-1437-1}
 	- cupsys 1.3.5-1 (low; bug #456960)
 	[sarge] - cupsys <no-dsa> (Minor issue)
 	NOTE: the debian package is a bit confusing here as it also ships a pdftops
@@ -1671,6 +1694,7 @@
 CVE-2007-5850 (Heap-based buffer overflow in Desktop Services in Apple Mac OS X ...)
 	NOT-FOR-US: Desktop Services (Apple Mac OS X)
 CVE-2007-5849 (Integer underflow in the asn1_get_string function in the SNMP back end ...)
+	{DSA-1437-1}
 	- cupsys 1.3.5-1 (medium; bug #457453)
 	[sarge] - cupsys <not-affected> (Vulnerable code not present)
 CVE-2007-5848 (Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin ...)