[Secure-testing-commits] r5808 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Tue May 8 21:59:21 UTC 2007
Author: jmm-guest
Date: 2007-05-08 21:59:17 +0000 (Tue, 08 May 2007)
New Revision: 5808
Modified:
data/CVE/list
Log:
checked one old xine issue
minor tcc codegen issue fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-05-08 18:04:52 UTC (rev 5807)
+++ data/CVE/list 2007-05-08 21:59:17 UTC (rev 5808)
@@ -5557,7 +5557,8 @@
CVE-2007-0256 (VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of ...)
- vlc <unfixed> (unimportant; bug #407290)
CVE-2007-0255 (XINE 0.99.4 allows user-assisted remote attackers to cause a denial of ...)
- - xine-ui <unfixed> (low)
+ NOTE: I've been looking into this, but I can't find a copy of the VLC code anywhere
+ NOTE: This appears to be a generic crash
CVE-2007-0254 (Format string vulnerability in the errors_create_window function in ...)
- xine-ui 0.99.4+dfsg+cvs20061111-2 (low; bug #407369)
CVE-2007-0253 (** DISPUTED ** ...)
@@ -20781,10 +20782,9 @@
CVE-2006-0636 (desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the ...)
NOT-FOR-US: eyeOS
CVE-2006-0635 (Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the ...)
- - tcc 0.9.23-3 (bug #352202; low)
+ - tcc 0.9.24~cvs20070502-1 (bug #352202; low)
[sarge] - tcc <no-dsa> (Only incorrect code gen, hardly any production use)
- NOTE: Proper protection against integer overflows still need to be done inside
- NOTE: the application compiled with TCC, the version above documents the behaviour
+ [etch] - tcc <no-dsa> (Documented as insecure; only incorrect code gen, hardly any production use)
CVE-2006-0634 (Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition ...)
NOT-FOR-US: Borland C++Builder
CVE-2006-0633 (The make_password function in ipsclass.php in Invision Power Board ...)
More information about the Secure-testing-commits
mailing list