[Secure-testing-commits] r6156 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Sat Jul 21 06:38:50 UTC 2007
Author: stef-guest
Date: 2007-07-21 06:38:49 +0000 (Sat, 21 Jul 2007)
New Revision: 6156
Modified:
data/CVE/list
Log:
add bugnums, fixed: owl-dms, flac123
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-07-19 17:01:57 UTC (rev 6155)
+++ data/CVE/list 2007-07-21 06:38:49 UTC (rev 6156)
@@ -783,7 +783,7 @@
- glibc 2.6-2 (unimportant; bug #431858)
NOTE: Not security-relevant
CVE-2007-3507 (Stack-based buffer overflow in the local__vcentry_parse_value function ...)
- - flac123 <unfixed> (medium; bug #432008)
+ - flac123 0.0.11-1 (medium; bug #432008)
CVE-2007-3506 (The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType ...)
- freetype 2.3.4 (bug #432013)
[sarge] - freetype <not-affected> (Vulnerable code introduced in 2.3.x)
@@ -1462,7 +1462,7 @@
[etch] - flyspray <not-affected> (Vulnerable code not)
[sarge] - flyspray <not-affected> (Vulnerable code not included)
- moodle <not-affected> (Doesn't affect moodle per maintainer)
- - owl-dms <unfixed> (bug #429197)
+ - owl-dms 0.94-2 (bug #429197)
- knowledgeroot 0.9.8.2-2 (bug #429196)
[etch] - knowledgeroot <not-affected> (Vulnerable code not used)
- ipplan 4.85-2 (bug #429193)
@@ -4557,7 +4557,7 @@
{DSA-1312-1}
- libapache-mod-jk 1:1.2.23-1 (bug #425836)
CVE-2007-1859 (XScreenSaver 4.10, when using a remote directory service for ...)
- - xscreensaver <unfixed> (low)
+ - xscreensaver <unfixed> (low; bug #433964)
CVE-2007-1858 (The default SSL cipher configuration in Apache Tomcat 4.1.28 through ...)
NOTE: insecure ciphers should not be (and usually are not) enabled in browsers
[sarge] - tomcat4 <no-dsa> (low)
@@ -5499,7 +5499,7 @@
CVE-2007-1474 (Argument injection vulnerability in the cleanup cron script in Horde ...)
- horde3 3.1.3-4 (medium)
CVE-2007-1473 (Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in ...)
- - horde3 <unfixed> (low)
+ - horde3 <unfixed> (low; bug #434045)
CVE-2007-1472 (Variable overwrite vulnerability in groupit/base/groupit.start.inc in ...)
NOT-FOR-US: Groupit
CVE-2007-1471 (admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass ...)
More information about the Secure-testing-commits
mailing list