[Secure-testing-commits] r6095 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Wed Jul 4 19:32:36 UTC 2007


Author: jmm-guest
Date: 2007-07-04 19:32:36 +0000 (Wed, 04 Jul 2007)
New Revision: 6095

Modified:
   data/CVE/list
Log:
new kernel issue
glibc non-issue
two new vlc CVE IDs
iceape no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-07-04 09:14:09 UTC (rev 6094)
+++ data/CVE/list	2007-07-04 19:32:36 UTC (rev 6095)
@@ -1,7 +1,7 @@
 CVE-2007-3514 (Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows ...)
 	TODO: check
 CVE-2007-3513 (The lcd_write function in drivers/usb/misc/usblcd.c in the Linux ...)
-	TODO: check
+	- linux-2.6 <unfixed>
 CVE-2007-3512 (Stack-based buffer overflow in Lhaca File Archiver before 1.22 allows ...)
 	TODO: check
 CVE-2007-3511 (The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12 ...)
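Review bot: The new `- linux-2.6 <unfixed>` line under CVE-2007-3513 carries no urgency and no bug reference, while other entries visible in this diff do (`(low)`, `(unimportant)`, `(bug #429726)`). Suggest adding an urgency and, if a bug has been filed, its number, so the `lcd_write` issue in drivers/usb/misc/usblcd.c can be triaged and tracked from the list alone.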
@@ -10,8 +10,10 @@
 	RESERVED
 CVE-2007-3509
 	RESERVED
-CVE-2007-3508
+CVE-2007-3508 [glibc hwcaps integer overflow]
 	RESERVED
+	- glibc <unfixed> (unimportant)
+	NOTE: Not security-relevant
 CVE-2007-3507 (Stack-based buffer overflow in the local__vcentry_parse_value function ...)
 	TODO: check
 CVE-2007-3506 (The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType ...)
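Review bot: `NOTE: Not security-relevant` under CVE-2007-3508 states the conclusion without the reason. The entry is marked `<unfixed> (unimportant)` while the ID is still RESERVED and has no public description, so suggest extending the NOTE with a one-line justification or a pointer to the analysis, which lets the classification be re-checked once the description is published.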
@@ -91,9 +93,9 @@
 CVE-2007-3469 (Unspecified vulnerability in the TCP Loopback/Fusion implementation in ...)
 	TODO: check
 CVE-2007-3468 (input.c in VideoLAN VLC Media Player before 0.8.6c allows remote ...)
-	TODO: check
+	- vlc 0.8.6.c.debian-1 (bug #429726)
 CVE-2007-3467 (Integer overflow in the __status_Update function in stats.c VideoLAN ...)
-	TODO: check
+	- vlc 0.8.6.c.debian-1 (bug #429726)
 CVE-2007-3466
 	RESERVED
 CVE-2007-3465 (Check Point SofaWare Safe at Office, with firmware before Embedded NGX ...)
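Review bot: Both vlc lines (CVE-2007-3468 and CVE-2007-3467) record the fixed version and bug #429726 but no urgency and no release-specific status. If the etch version of vlc is affected, add a `[etch] - vlc ...` line in the form used for iceweasel and iceape later in this file; if it is not, a NOTE saying so would avoid a second review.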
@@ -165,11 +167,11 @@
 CVE-2007-3438 (Buffer overflow in the SIP header parsing module in the Nortel PC ...)
 	NOT-FOR-US: Nortel PC Client SIP Soft Phone
 CVE-2007-3437 (AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote ...)
-	TODO: check
+	NOT-FOR-US: AOL Instant Messenger
 CVE-2007-3436 (Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to ...)
 	NOT-FOR-US: Microsoft 
 CVE-2007-3435 (Stack-based buffer overflow in the BeginPrint method in a certain ...)
-	TODO: check
+	NOT-FOR-US: BarCodeAx.dll
 CVE-2007-3434 (index.php in Pharmacy System 2 and earlier allows remote attackers to ...)
 	NOT-FOR-US: Pharmacy System
 CVE-2007-3433 (SQL injection vulnerability in index.php in Pharmacy System 2 and ...)
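Review bot: `NOT-FOR-US: BarCodeAx.dll` under CVE-2007-3435 names a file rather than a product, unlike the neighbouring entries (`Nortel PC Client SIP Soft Phone`, `Pharmacy System`). Suggest using the product or vendor name from the full CVE description so the entry is searchable the same way as the others.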
@@ -5746,6 +5748,7 @@
 	- iceweasel <unfixed> (low)
 	[etch] - iceweasel <no-dsa> (Minor issue)
 	- iceape <unfixed> (low)
+	[etch] - iceape <no-dsa> (Minor issue)
 	NOTE: xulrunner by itself is not affeced, but other browsers based on xulrunner may be affected
 	TODO: check epiphany, galeon and kazehakase
 CVE-2007-1083 (Buffer overflow in the Configuration Checker (ConfigChk) ActiveX ...)
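Review bot: The added `[etch] - iceape <no-dsa> (Minor issue)` line mirrors the iceweasel one, but the entry still ends with `TODO: check epiphany, galeon and kazehakase`, so the status of those browsers is not yet recorded. Also, the NOTE in the unchanged context misspells "affected" as "affeced"; worth fixing in a follow-up commit.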



