[Secure-testing-commits] r5930 - data/CVE
fw at alioth.debian.org
fw at alioth.debian.org
Sat May 26 10:19:08 UTC 2007
Author: fw
Date: 2007-05-26 10:19:08 +0000 (Sat, 26 May 2007)
New Revision: 5930
Modified:
data/CVE/list
Log:
CVE-2007-2756: libgd, libgd2
CVE-2007-2741: lcms fixed
CVE-2007-2739, CVE-2007-2740: php-xajax
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-05-26 09:46:45 UTC (rev 5929)
+++ data/CVE/list 2007-05-26 10:19:08 UTC (rev 5930)
@@ -98,7 +98,9 @@
CVE-2007-2757 (Multiple cross-site scripting (XSS) vulnerabilities in Redoable 1.2 ...)
NOT-FOR-US: Redoable
CVE-2007-2756 (The gdPngReadData function in libgd 2.0.34 allows user-assisted ...)
- TODO: check
+ - libgd <unfixed> (bug #426099; low)
+ - libgd2 <unfixed> (bug #426100; low)
+ NOTE: http://bugs.libgd.org/?do=details&task_id=86
CVE-2007-2755 (The PrecisionID Barcode 1.9 ActiveX control in ...)
NOT-FOR-US: PrecisionID
CVE-2007-2754 (Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and ...)
@@ -129,11 +131,11 @@
CVE-2007-2742 (Unrestricted file upload vulnerability in labs.beffa.org w2box 4.0.0 ...)
NOT-FOR-US: w2box
CVE-2007-2741 (Stack-based buffer overflow in Little CMS (lmcs) before 1.15 allows ...)
- TODO: check
+ - lcms 1.15-1 (medium)
CVE-2007-2740 (Unspecified vulnerability in xajax before 0.2.5 has unknown impact and ...)
- TODO: check
+ - php-xajax <unfixed> (bug #426103; low)
CVE-2007-2739 (Cross-site scripting (XSS) vulnerability in xajax before 0.2.5 allows ...)
- TODO: check
+ - php-xajax <unfixed> (bug #426103; low)
CVE-2007-2738 (SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 ...)
TODO: check
CVE-2007-2737 (SQL injection vulnerability in index.php in the MyConference 1.0 ...)
More information about the Secure-testing-commits
mailing list