[Secure-testing-commits] r5787 - data/CVE

Florian Weimer fw at alioth.debian.org
Sat May 5 10:58:36 UTC 2007 

Author: fw
Date: 2007-05-05 10:58:32 +0000 (Sat, 05 May 2007)
New Revision: 5787

Modified:
   data/CVE/list
Log:
Use NOTE: instead of NOT-FOR-US: for duplicates


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-05-05 10:32:18 UTC (rev 5786)
+++ data/CVE/list	2007-05-05 10:58:32 UTC (rev 5787)
@@ -90,7 +90,7 @@
 CVE-2007-2437 (The X render (Xrender) extension in X.org X Window System 7.0, 7.1, ...)
 	TODO: check
 CVE-2007-2436 (The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel ...)
-	NOT-FOR-US: Duplicate of CVE-2007-1861
+	NOTE: Duplicate of CVE-2007-1861
 CVE-2007-2435 (Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java ...)
 	TODO: check
 CVE-2007-2434 (Buffer overflow in asnsp.dll in Aventail Connect 4.1.2.13 allows ...)
@@ -1283,7 +1283,7 @@
 	- php5 5.2.0-11 (medium)
 	NOTE: php5 is vulnerable due to improper use of the system sqlite libs
 CVE-2007-1886 (Integer overflow in the str_replace function in PHP 4.4.5 and PHP ...)
-	NOT-FOR-US: Duplicate of CVE-2007-1885
+	NOTE: Duplicate of CVE-2007-1885
 CVE-2007-1885 (Integer overflow in the str_replace function in PHP 4 before 4.4.5 and ...)
 	NOTE: Dupe of CVE-2007-0906; Fixed in DSA-1264, php5 5.2.0-9, php4 6:4.4.4-9
 CVE-2007-1884 (Multiple integer signedness errors in the printf function family in ...)
@@ -1481,7 +1481,7 @@
 CVE-2007-1795 (JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary ...)
 	NOT-FOR-US: URLshrink
 CVE-2007-1794 (The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, ...)
-	NOT-FOR-US: Duplicate of CVE-2006-3805
+	NOTE: Duplicate of CVE-2006-3805
 CVE-2007-1793 (SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and ...)
 	NOT-FOR-US: Symantec Norton Personal Firewall
 CVE-2007-1792
@@ -17743,7 +17743,8 @@
 	NOT-FOR-US: PHP-Nuke
 CVE-2006-1845
 	REJECTED
-	NOT-FOR-US: exchange (Duplicate of CVE-2006-0537)
+	NOT-FOR-US: Microsoft Exchange
+	NOTE: Duplicate of CVE-2006-0537
 CVE-2006-1844 (The Debian installer for the (1) shadow 4.0.14 and (2) base-config ...)
 	[sarge] - shadow 1:4.0.3-31sarge8
 	[sarge] - base-config <not-affected>
@@ -25895,7 +25896,6 @@
 	{DSA-905-1}
 	- mantis 0.19.3-0.1 (bug #330682; low)
 CVE-2005-3337 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis before ...)
-	NOT-FOR-US: Duplicate, will be rejected soon
 	NOTE: This is a duplicate of CVE-2005-3091 (first issue) and CVE-2005-2557 (second
 	NOTE: issue). This will be rejected.
 CVE-2005-3336 (SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows ...)

More information about the Secure-testing-commits mailing list