[Secure-testing-commits] r5527 - data/CVE

Kees Cook keescook-guest at alioth.debian.org
Fri Mar 9 03:02:50 CET 2007


Author: keescook-guest
Date: 2007-03-09 02:02:46 +0000 (Fri, 09 Mar 2007)
New Revision: 5527

Modified:
   data/CVE/list
Log:
added bugs for open issues in gnupg, xine-lib, ekiga

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-03-08 20:40:49 UTC (rev 5526)
+++ data/CVE/list	2007-03-09 02:02:46 UTC (rev 5527)
@@ -103,7 +103,8 @@
 CVE-2007-1264 (Enigmail 0.94.2 and earlier does not properly use the --status-fd ...)
 	TODO: check
 CVE-2007-1263 (GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the ...)
-	- gnupg <unfixed> (low)
+	- gnupg <unfixed> (bug #413922; low)
+	- gpgme1.0 <unfixed> (low)
 CVE-2007-1262
 	RESERVED
 CVE-2007-1261 (Unspecified vulnerability in the reports system in OpenBiblio before ...)
@@ -138,7 +139,7 @@
 	NOT-FOR-US: aWebNews
 CVE-2007-1246 (The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in ...)
 	- mplayer <unfixed> (medium)
-	- xine-lib <unfixed> (medium)
+	- xine-lib <unfixed> (bug #414072; medium)
 	NOTE: vlc checked, and is not affected.
 CVE-2007-1245 (IrfanView 3.99 allows remote attackers to cause a denial of service ...)
 	NOT-FOR-US: IrfanView
@@ -863,7 +864,7 @@
 CVE-2007-1000
 	RESERVED
 CVE-2007-0999
-	RESERVED
+	- ekiga <unfixed> (bug #414069; high)
 CVE-2007-0998
 	RESERVED
 CVE-2007-0997




More information about the Secure-testing-commits mailing list