[Secure-testing-commits] r5466 - data/CVE

Stefan Fritsch stef-guest at alioth.debian.org
Sat Feb 17 10:37:15 UTC 2007 

Author: stef-guest
Date: 2007-02-17 11:37:11 +0100 (Sat, 17 Feb 2007)
New Revision: 5466

Modified:
   data/CVE/list
Log:
twiki, amarok, stlport5 fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-02-16 23:20:05 UTC (rev 5465)
+++ data/CVE/list	2007-02-17 10:37:11 UTC (rev 5466)
@@ -200,7 +200,7 @@
 	RESERVED
 CVE-2007-0896 (Cross-site scripting (XSS) vulnerability in the (1) Sage before ...)
 	- firefox-sage 1.3.10-1
-CVE-2007-0451
+CVE-2007-0451 [DoS in spamassassin URI parsing causes SA to enter loop eating all RAM]
 	RESERVED
 	- spamassassin 3.1.7-2 (bug #410843)
 	NOTE: http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5318
@@ -466,7 +466,7 @@
 CVE-2007-0804 (Directory traversal vulnerability in admin/subpages.php in GGCMS 1.1.0 ...)
 	NOT-FOR-US: GGCMS
 CVE-2007-0803 (Multiple buffer overflows in STLport before 5.0.3 allow remote ...)
-	- stlport5 <unfixed> (bug #410864; low)
+	- stlport5 5.0.3-1 (bug #410864; low)
 CVE-2007-0802 (Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing ...)
 	- iceweasel <unfixed> (low)
 CVE-2007-0801 (The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox ...)
@@ -541,8 +541,7 @@
 CVE-2006-6981 (3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows ...)
 	NOT-FOR-US: 3proxy
 CVE-2006-6980 (The magnatune.com album browser in Amarok allows attackers to cause a ...)
-	TODO: check
-	NOTE: This seems to only be a crash.  Needs further investigation.
+	- amarok 1.4.4-3 (bug #410850)
 CVE-2006-6979 (The ruby handlers in Amarok do not properly quote text in certain ...)
 	- amarok <unfixed> (bug #410850; medium)
 CVE-2006-6978 (Cross-site scripting (XSS) vulnerability in the &quot;Basic Toolbar ...)
@@ -783,7 +782,7 @@
 CVE-2007-0670 (Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local ...)
 	NOT-FOR-US: IBM AIX
 CVE-2007-0669 (Unspecified vulnerability in Twiki 4.0.0 through 4.1.0 allows local ...)
-	- twiki <unfixed> (bug #410256)
+	- twiki 1:4.0.5-9 (bug #410256)
 CVE-2007-0668 (The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in ...)
 	NOT-FOR-US: Sun Solaris.
 CVE-2007-0667 (The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and ...)

More information about the Secure-testing-commits mailing list