[Secure-testing-commits] r7256 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Fri Nov 9 10:37:57 UTC 2007 

Author: nion
Date: 2007-11-09 10:37:56 +0000 (Fri, 09 Nov 2007)
New Revision: 7256

Modified:
   data/CVE/list
Log:
NFUs
CVE-2007-5156 and CVE-2007-3921 will be fixed in gforge 4.6.99+svn6169-1 (when ftp-master is back)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-11-09 10:20:47 UTC (rev 7255)
+++ data/CVE/list	2007-11-09 10:37:56 UTC (rev 7256)
@@ -2565,7 +2565,7 @@
 	- knowledgeroot 0.9.8.4-1.1 (medium; bug #444928)
 	- moin 1.5.8-4.1
 	- karrigell <not-affected> (Does not include vulnerable php code)
-	- gforge <unfixed> (low; bug #447590)
+	- gforge 4.6.99+svn6169-1 (low; bug #447590)
 	[etch] - gforge <not-affected> (fckeditor is not shipped in these versions)
 	[sarge] - gforge <not-affected> (fckeditor is not shipped in these versions)
 CVE-2007-5155 (IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect ...)
@@ -3649,17 +3649,17 @@
 CVE-2007-4678
 	RESERVED
 CVE-2007-4677 (Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2007-4676 (Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2007-4675 (Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2007-4674
 	RESERVED
 CVE-2007-4673 (Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP ...)
 	NOT-FOR-US: Apple QuickTime
 CVE-2007-4672 (Stack-based buffer overflow in Apple QuickTime before 7.3 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2007-4671 (Unspecified vulnerability in Safari in Apple iPhone 1.1.1 allows ...)
 	NOT-FOR-US: Safari
 CVE-2007-4670 (Unspecified vulnerability in PHP before 5.2.4 has unknown impact and ...)
@@ -4714,7 +4714,7 @@
 	[sarge] - kdebase <no-dsa> (Minor issue)
 	[etch] - kdebase <no-dsa> (Minor issue)
 CVE-2007-4223 (Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Sysinternals DebugView
 CVE-2007-4222 (Buffer overflow in the TagAttributeListCopy function in nnotes.dll in ...)
 	NOT-FOR-US: IBM Lotus Notes
 CVE-2007-4221 (Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for ...)
@@ -5383,7 +5383,7 @@
 	- sun-java6 6-02-1
 CVE-2007-3921 (gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files ...)
 	{DSA-1402-1}
-	TODO: check
+	- gforge 4.6.99+svn6169-1
 CVE-2007-3920 (GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not ...)
 	{DTSA-75-1}
 	- gnome-screensaver 2.20.0-1.1

More information about the Secure-testing-commits mailing list