[Secure-testing-commits] r5601 - data/CVE

Kees Cook keescook-guest at alioth.debian.org
Wed Mar 28 22:06:34 CET 2007


Author: keescook-guest
Date: 2007-03-28 21:06:31 +0000 (Wed, 28 Mar 2007)
New Revision: 5601

Modified:
   data/CVE/list
Log:
NFU, unfixed: inkscape, fixed: iceweasel

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-03-28 10:00:49 UTC (rev 5600)
+++ data/CVE/list	2007-03-28 21:06:31 UTC (rev 5601)
@@ -59,7 +59,7 @@
 CVE-2007-1563 (The FTP protocol implementation in Opera 9.10 allows remote attackers ...)
 	NOT-FOR-US: Opera
 CVE-2007-1562 (The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and ...)
-	TODO: check
+	- iceweasel 2.0.0.3-1 (low)
 CVE-2007-1560 (The clientProcessRequest() function in squid/src/client_side.c in ...)
 	- squid 2.6.5-6
 CVE-2007-1559
@@ -137,7 +137,7 @@
 CVE-2007-1524 (Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 ...)
 	NOT-FOR-US: ZomPlog
 CVE-2007-1523 (Heap-based buffer overflow in the kernel in NetBSD 3.0, certain ...)
-	TODO: check
+	NOT-FOR-US: NetBSD
 CVE-2007-1522 (Double free vulnerability in the session extension in PHP 5.2.0 and ...)
 	- php5 <unfixed>
 CVE-2007-1521 (Double free vulnerability in PHP 5.2.1 and earlier allows ...)
@@ -276,9 +276,9 @@
 CVE-2007-1465
 	RESERVED
 CVE-2007-1464 (Format string vulnerability in the whiteboard Jabber protocol in ...)
-	TODO: check
+	- inkscape <unfixed> (medium)
 CVE-2007-1463 (Format string vulnerability in Inkscape before 0.45.1 allows ...)
-	TODO: check
+	- inkscape <unfixed> (low)
 CVE-2007-1462 (The luci server component in conga preserves the password between page ...)
 	NOT-FOR-US: conga
 CVE-2007-1461 (The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP ...)




More information about the Secure-testing-commits mailing list