[Secure-testing-commits] r5923 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Fri May 25 21:21:34 UTC 2007


Author: jmm-guest
Date: 2007-05-25 21:21:34 +0000 (Fri, 25 May 2007)
New Revision: 5923

Modified:
   data/CVE/list
Log:
no-dsa for non-free java as usual
xterm issue is limited to RHEL


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-05-25 21:14:09 UTC (rev 5922)
+++ data/CVE/list	2007-05-25 21:21:34 UTC (rev 5923)
@@ -7,8 +7,9 @@
 CVE-2007-XXXX [NTFS driver for FUSE unspecified issue]
 	- ntfs-3g 1:1.516-1
 	NOTE: local root exploit
-CVE-2007-2797
+CVE-2007-2797 [xterm world-writable tty]
 	RESERVED
+	- xterm <not-affected> (Debian uses safe compile-time settings)
 CVE-2007-2796
 	RESERVED
 CVE-2007-2795
@@ -26,9 +27,11 @@
 	NOT-FOR-US: VP-ASP Shopping Cart
 CVE-2007-2789 (The BMP image parser in Sun Java Development Kit (JDK) before ...)
 	- sun-java5 1.5.0-11-1 (medium)
+	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 	- sun-java6 <unfixed> (bug #422403)
 CVE-2007-2788 (Integer overflow in the embedded ICC profile image parser in Sun Java ...)
 	- sun-java5 1.5.0-11-1 (medium)
+	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 	- sun-java6 <unfixed> (bug #422403)
 CVE-2007-2787 (Stack-based buffer overflow in the BrowseDir function in the (1) ...)
 	NOT-FOR-US: LeadTools Raster Thumbnail Object Library




More information about the Secure-testing-commits mailing list