[Secure-testing-commits] r6150 - data/CVE
jmm-guest at alioth.debian.org
Wed Jul 18 22:01:03 UTC 2007
Author: jmm-guest
Date: 2007-07-18 22:01:03 +0000 (Wed, 18 Jul 2007)
New Revision: 6150
Modified:
data/CVE/list
Log:
silc doesn't affect etch
no-dsas for minor browser issues
mutt no-dsa, might come through s-p-u
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-07-18 21:56:57 UTC (rev 6149)
+++ data/CVE/list 2007-07-18 22:01:03 UTC (rev 6150)
@@ -543,6 +543,7 @@
TODO: check
CVE-2007-XXXX [silc-toolkit several buffer overflows]
- silc-toolkit 1.1.2-1
+ [etch] - silc-toolkit <not-affected> (Only the 1.1.x branch is affected)
NOTE: http://silcnet.org/docs/changelog/SILC Toolkit 1.1.2
CVE-2007-XXXX [silc-client several buffer overflows]
- silc-client 1.1.2-1
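Review bot: The added `[etch] - silc-toolkit <not-affected>` line covers only silc-toolkit; the silc-client entry directly below it (`- silc-client 1.1.2-1`) gets no etch line, although the log says "silc doesn't affect etch". If the etch silc-client is also outside the 1.1.x branch, add the matching `[etch] - silc-client <not-affected>` line with the same reason; if it is not, the log message should name silc-toolkit only.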
@@ -858,8 +859,10 @@
NOT-FOR-US: Lhaca
CVE-2007-3374 (Buffer overflow in cluster/cman/daemon/daemon.c in cman ...)
- redhat-cluster <unfixed> (medium)
+ TODO: File bug
CVE-2007-3373 (daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear ...)
- redhat-cluster <unfixed> (low)
+ TODO: File bug
CVE-2006-7209 (Multiple cross-site scripting (XSS) vulnerabilities in phpTrafficA ...)
NOT-FOR-US: phpTrafficA
CVE-2006-7208 (PHP remote file inclusion vulnerability in download.php in the Adam ...)
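Review bot: The two `TODO: File bug` lines under CVE-2007-3374 and CVE-2007-3373 are not covered by the commit log, which mentions only silc, the browser issues and mutt. Both redhat-cluster entries remain `<unfixed>` with no bug reference, so the TODO itself is reasonable, but it should be named in the log or committed separately so the change can be found in the history later.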
@@ -1397,15 +1400,21 @@
NOT-FOR-US: Zen Help Desk
CVE-2007-3145 (Visual truncation vulnerability in Galeon 2.0.1 allows remote ...)
- galeon <unfixed> (low; bug #429216)
+ [sarge] - galeon <no-dsa> (Minor issue)
+ [etch] - galeon <no-dsa> (Minor issue)
CVE-2007-3144 (Visual truncation vulnerability in Mozilla 1.7.12 allows remote ...)
- iceweasel <unfixed> (low)
[etch] - iceweasel <no-dsa> (Minor issue)
- iceape <unfixed> (low)
+ [etch] - iceape <no-dsa> (Minor issue)
- firefox <removed> (low)
- mozilla <removed> (low)
- xulrunner <unfixed> (low)
+ [etch] - xulrunner <no-dsa> (Minor issue)
CVE-2007-3143 (Visual truncation vulnerability in Konqueror 3.5.5 allows remote ...)
- kdebase <unfixed> (low)
+ [sarge] - kdebase <no-dsa> (Minor issue)
+ [etch] - kdebase <no-dsa> (Minor issue)
CVE-2007-3142 (Visual truncation vulnerability in Opera 9.21 allows remote attackers ...)
NOT-FOR-US: Opera
CVE-2007-3141 (PHP remote file inclusion vulnerability in core/editor.php in ...)
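Review bot: Release coverage is uneven across the entries touched here: galeon and kdebase receive both `[sarge]` and `[etch]` no-dsa lines, while iceape and xulrunner under CVE-2007-3144 receive `[etch]` only, matching the existing iceweasel line. If sarge ships no affected package for that CVE this is fine, but nothing in the entry says so; a sarge line or a short NOTE would make the triage decision explicit. All five added lines give the same reason, "Minor issue", which is consistent with the log.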
@@ -2484,6 +2493,8 @@
NOT-FOR-US: Jetbox CMS
CVE-2007-2683 (Buffer overflow in Mutt 1.4.2 might allow local users to execute ...)
- mutt 1.5.15+20070608-1 (low; bug #426116)
+ [etch] - mutt <no-dsa> (Minor issue, hardly exploitable)
+ [sarge] - mutt <no-dsa> (Minor issue, hardly exploitable)
CVE-2007-2682 (The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as ...)
NOT-FOR-US: Adobe
CVE-2007-2681 (Directory traversal vulnerability in blogs/index.php in b2evolution ...)
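Review bot: The log says the mutt fix "might come through s-p-u", but the two added no-dsa lines under CVE-2007-2683 record only "Minor issue, hardly exploitable", so that plan is invisible to anyone reading data/CVE/list. Consider putting it in the reason text or in a NOTE line. The tags are also ordered `[etch]` then `[sarge]` here, the reverse of the galeon and kdebase entries added in the same commit; one order throughout would be easier to scan.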
@@ -4740,7 +4751,7 @@
CVE-2007-1694
RESERVED
CVE-2007-1693 (The SIP channel module in Yet Another Telephony Engine (Yate) before ...)
- - yate 1.2.0-1.dfsg-1 (medium; bug #421994)
+ - yate 1.2.0-1.dfsg-1 (low; bug #421994)
CVE-2007-1692 (The default configuration of Microsoft Windows uses the Web Proxy ...)
NOT-FOR-US: Microsoft
CVE-2007-1691 (Stack-based buffer overflow in Second Sight Software ActiveMod ActiveX ...)
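Review bot: The yate urgency for CVE-2007-1693 is lowered from medium to low with no rationale in the entry, and the commit log does not mention the change at all. A NOTE line under the entry, or a sentence in the log, stating why the SIP channel issue was downgraded would let a later reader verify the assessment against bug #421994.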