[Secure-testing-commits] r5825 - data/CVE

Stefan Fritsch stef-guest at alioth.debian.org
Fri May 11 19:44:02 UTC 2007


Author: stef-guest
Date: 2007-05-11 19:43:59 +0000 (Fri, 11 May 2007)
New Revision: 5825

Modified:
   data/CVE/list
Log:
CVE-2007-2525 linux
CVE-2007-2500 gnash
CVE-2005-4836 tomcat4


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-05-11 19:25:17 UTC (rev 5824)
+++ data/CVE/list	2007-05-11 19:43:59 UTC (rev 5825)
@@ -126,7 +126,7 @@
 CVE-2007-2526 (Heap-based buffer overflow in the ConnectAsyncEx function in VNC ...)
 	TODO: check
 CVE-2007-2525 (Memory leak in the PPPoE socket implementation in the Linux kernel ...)
-	TODO: check
+	- linux-2.6 <unfixed>
 CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in OTRS (Open ...)
 	TODO: check
 CVE-2007-2523
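Review bot: the new "- linux-2.6 <unfixed>" line under CVE-2007-2525 carries no bug reference or urgency, whereas the gnash entry in this same commit records "(bug #423433)". If a bug has been filed for the PPPoE socket memory leak, add it in the parenthetical so the unfixed state can be followed up. The commit log also says "linux" while the entry names linux-2.6; using the source package name in the log would make this revision easier to find later.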
@@ -177,7 +177,7 @@
 CVE-2007-2501 (Eval injection vulnerability in codepress.html in CodePress before ...)
 	TODO: check
 CVE-2007-2500 (server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash ...)
-	TODO: check
+	- gnash <unfixed> (bug #423433)
 CVE-2007-2499 (Multiple cross-site scripting (XSS) vulnerabilities in DVDdb 0.6 and ...)
 	TODO: check
 CVE-2007-2498 (libmp4v2.dll in Winamp 5.02 through 5.34 allows user-assisted remote ...)
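Review bot: "- gnash <unfixed> (bug #423433)" under CVE-2007-2500 has the bug reference but no urgency. Other entries in this file put both in the parenthetical, for example "- initramfs-tools 0.85g (low; bug #417995)"; adding an urgency here in the same form would let the unfixed entries be prioritised.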
@@ -1612,7 +1612,7 @@
 CVE-2005-4837 (snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before ...)
 	- net-snmp 5.2.2-1 (medium)
 CVE-2005-4836 (The HTTP/1.1 connector in Apache Tomcat 4.1.15 and later does not ...)
-	TODO: check
+	- tomcat4 <no-dsa> (affects deprecated HTTP/1.1 connector only)
 CVE-2007-XXXX [initramfs-tools creates /dev/root world-readable]
 	- initramfs-tools 0.85g (low; bug #417995)
 CVE-2007-1840 (lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not ...)
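Review bot: under CVE-2005-4836 the description reads "Apache Tomcat 4.1.15 and later", but the new line only covers tomcat4. If later Tomcat source packages are in the archive, give each its own line stating whether it is affected, so the entry does not read as fully triaged when only one package was checked. The justification "(affects deprecated HTTP/1.1 connector only)" is worth keeping as written.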
