[Secure-testing-commits] r5787 - data/CVE
Florian Weimer
fw at alioth.debian.org
Sat May 5 10:58:36 UTC 2007
Author: fw
Date: 2007-05-05 10:58:32 +0000 (Sat, 05 May 2007)
New Revision: 5787
Modified:
data/CVE/list
Log:
Use NOTE: instead of NOT-FOR-US: for duplicates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-05-05 10:32:18 UTC (rev 5786)
+++ data/CVE/list 2007-05-05 10:58:32 UTC (rev 5787)
@@ -90,7 +90,7 @@
CVE-2007-2437 (The X render (Xrender) extension in X.org X Window System 7.0, 7.1, ...)
TODO: check
CVE-2007-2436 (The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel ...)
- NOT-FOR-US: Duplicate of CVE-2007-1861
+ NOTE: Duplicate of CVE-2007-1861
CVE-2007-2435 (Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java ...)
TODO: check
CVE-2007-2434 (Buffer overflow in asnsp.dll in Aventail Connect 4.1.2.13 allows ...)
@@ -1283,7 +1283,7 @@
- php5 5.2.0-11 (medium)
NOTE: php5 is vulnerable due to improper use of the system sqlite libs
CVE-2007-1886 (Integer overflow in the str_replace function in PHP 4.4.5 and PHP ...)
- NOT-FOR-US: Duplicate of CVE-2007-1885
+ NOTE: Duplicate of CVE-2007-1885
CVE-2007-1885 (Integer overflow in the str_replace function in PHP 4 before 4.4.5 and ...)
NOTE: Dupe of CVE-2007-0906; Fixed in DSA-1264, php5 5.2.0-9, php4 6:4.4.4-9
CVE-2007-1884 (Multiple integer signedness errors in the printf function family in ...)
@@ -1481,7 +1481,7 @@
CVE-2007-1795 (JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: URLshrink
CVE-2007-1794 (The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, ...)
- NOT-FOR-US: Duplicate of CVE-2006-3805
+ NOTE: Duplicate of CVE-2006-3805
CVE-2007-1793 (SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and ...)
NOT-FOR-US: Symantec Norton Personal Firewall
CVE-2007-1792
@@ -17743,7 +17743,8 @@
NOT-FOR-US: PHP-Nuke
CVE-2006-1845
REJECTED
- NOT-FOR-US: exchange (Duplicate of CVE-2006-0537)
+ NOT-FOR-US: Microsoft Exchange
+ NOTE: Duplicate of CVE-2006-0537
CVE-2006-1844 (The Debian installer for the (1) shadow 4.0.14 and (2) base-config ...)
[sarge] - shadow 1:4.0.3-31sarge8
[sarge] - base-config <not-affected>
@@ -25895,7 +25896,6 @@
{DSA-905-1}
- mantis 0.19.3-0.1 (bug #330682; low)
CVE-2005-3337 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis before ...)
- NOT-FOR-US: Duplicate, will be rejected soon
NOTE: This is a duplicate of CVE-2005-3091 (first issue) and CVE-2005-2557 (second
NOTE: issue). This will be rejected.
CVE-2005-3336 (SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows ...)
More information about the Secure-testing-commits
mailing list