[Secure-testing-commits] r6026 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Sun Jun 17 20:29:25 UTC 2007 

Author: jmm-guest
Date: 2007-06-17 20:29:25 +0000 (Sun, 17 Jun 2007)
New Revision: 6026

Modified:
   data/CVE/list
Log:
maradns not-affected
w3m duped
flyspray fixed / not affected


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-06-16 21:14:07 UTC (rev 6025)
+++ data/CVE/list	2007-06-17 20:29:25 UTC (rev 6026)
@@ -29,7 +29,7 @@
 CVE-2007-3232 (The IBM TotalStorage DS400 with firmware 4.15 uses a blank password ...)
 	NOT-FOR-US: IBM
 CVE-2007-3231 (Buffer overflow in MeCab before 0.96 has unknown impact and attack ...)
-	- mecab <unfixed> (bug #429174)
+	- mecab <unfixed> (bug #429174; unknown)
 CVE-2007-3230 (PHP remote file inclusion vulnerability in phphtml.php in Idan Sofer ...)
 	NOT-FOR-US: PHP::HTML
 CVE-2007-3229 (index.php in Singapore Gallery allows remote attackers to obtain ...)
@@ -62,8 +62,10 @@
 	NOT-FOR-US: CA BrightStor products
 CVE-2007-3215 (PHPMailer 1.7, when configured to use sendmail, allows remote ...)
 	- libphp-phpmailer <unfixed> (high; bug #429179)
-	- flyspray <unfixed> (bug #429191; bug #429195)
-	- moodle <unfixed> (bug #429190)
+        - flyspray 0.9.8-12 (bug #429191; bug #429195)
+	[etch] - flyspray <not-affected> (Vulnerable code not)
+	[sarge] - flyspray <not-affected> (Vulnerable code not included)
+	- moodle <not-affected> (Doesn't affect moodle per maintainer)
 	- owl-dms <unfixed> (bug #429197)
 	- knowledgeroot <unfixed> (bug #429196)
 	- ipplan <unfixed> (bug #429193)
@@ -272,7 +274,7 @@
 CVE-2007-3126 (Gimp 2.3.14 allows context-dependent attackers to cause a denial of ...)
 	- gimp <unfixed> (unimportant)
 CVE-2007-3125 (Format string vulnerability in the inputAnswer function in file.c in ...)
-	- w3m <unfixed> (medium; bug #429218)
+	NOTE: Duplicate of CVE-2006-6772
 CVE-2007-3124 (Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in ...)
 	NOT-FOR-US: FreeVMS
 CVE-2007-3123 (unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 ...)
@@ -291,10 +293,13 @@
 	NOT-FOR-US: ADPLAN
 CVE-2007-3116 (Memory leak in server/MaraDNS.c in MaraDNS 1.2.12.06 and 1.3.05 allows ...)
 	- maradns 1.2.12.06-1
+	[sarge] - maradns <not-affected> (1.0.x branch not affected)
 CVE-2007-3115 (Multiple memory leaks in server/MaraDNS.c in MaraDNS before 1.2.12.06, ...)
 	- maradns 1.2.12.06-1
+	[sarge] - maradns <not-affected> (1.0.x branch not affected)
 CVE-2007-3114 (Memory leak in server/MaraDNS.c in MaraDNS before 1.2.12.05, and 1.3.x ...)
 	- maradns 1.2.12.05-1
+	[sarge] - maradns <not-affected> (1.0.x branch not affected)
 CVE-2007-3113 (Cacti 0.8.6i, and possibly other versions, allows remote authenticated ...)
 	- cacti <unfixed> (low; bug #429224)
 CVE-2007-3112 (Cacti 0.8.6i, and possibly other versions, allows remote authenticated ...)

More information about the Secure-testing-commits mailing list