[Secure-testing-commits] r5414 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Sun Feb 4 22:35:18 CET 2007
Author: jmm-guest
Date: 2007-02-04 22:35:15 +0100 (Sun, 04 Feb 2007)
New Revision: 5414
Modified:
data/CVE/list
Log:
tetex not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-02-04 21:34:09 UTC (rev 5413)
+++ data/CVE/list 2007-02-04 21:35:15 UTC (rev 5414)
@@ -53,7 +53,7 @@
CVE-2007-0665 (Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 ...)
NOT-FOR-US: WS_FTP Server
CVE-2007-0664 (thttpd before 2.25b-r6 in Gentoo Linux is started from the system root ...)
- - thttpd <not-affected>
+ - thttpd <not-affected> (Gentoo-specific packaging flaw)
NOTE: In accordance with Debian Policy is not possible start Webserver
NOTE: in root directory (/).
CVE-2007-0663 (SQL injection vulnerability in index.php in Eclectic Designs ...)
@@ -83,7 +83,7 @@
CVE-2007-0651
RESERVED
CVE-2007-0650 (Buffer overflow in the open_sty function in mkind.c for makeindex 2.14 ...)
- - tetex-bin <unfixed>
+ - tetex-bin <not-affected> (Only vulnerable if compiled w/o kpathsea support, Debian does)
CVE-2007-0649 (Variable overwrite vulnerability in interface/globals.php in OpenEMR ...)
NOT-FOR-US: OpenEMR
CVE-2007-0648 (Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice ...)
More information about the Secure-testing-commits
mailing list