[Secure-testing-commits] r7329 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Fri Nov 16 20:18:19 UTC 2007
Author: stef-guest
Date: 2007-11-16 20:18:19 +0000 (Fri, 16 Nov 2007)
New Revision: 7329
Modified:
data/CVE/list
Log:
- CVE-2005-4790/1 are affecting debian:
tomboy, blam fixed only in unstable
liferea unfixed
beagle, banshee already fixed in etch
many other packages affected => QA / lintian check is required
- CVE-2007-5925 affects old mysql versions
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-11-16 20:07:32 UTC (rev 7328)
+++ data/CVE/list 2007-11-16 20:18:19 UTC (rev 7329)
@@ -160,6 +160,8 @@
NOT-FOR-US: OpenBase
CVE-2007-5925 (The convert_search_mode_to_innobase function in ha_innodb.cc in the ...)
- mysql-dfsg-5.0 5.0.45-3 (medium; bug #451235)
+ - mysql-dfsg-4.1 <removed>
+ - mysql-dfsg <removed>
CVE-2007-5924 (Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task ...)
NOT-FOR-US: IBM Lotus Domino
CVE-2007-5923 (Cross-site scripting (XSS) vulnerability in forms/smpwservices.fcc in ...)
@@ -26664,9 +26666,13 @@
CVE-2006-2019 (Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows ...)
NOT-FOR-US: Apple
CVE-2005-4791 (Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 ...)
+ - beagle 0.2.13-1 (low)
+ - banshee 0.11.2+dfsg-1 (low)
- liferea <unfixed> (low; bug #451548)
+ - blam 1.8.4-1 (low)
+ TODO: file wishlist bug for lintian check, check all packages
CVE-2005-4790 (Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and ...)
- NOT-FOR-US: SuSE-specific packaging flaws
+ - tomboy 0.8.1-2
CVE-2005-4789 (resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, ...)
- resmgr <not-affected>
CVE-2005-4788 (resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, ...)
More information about the Secure-testing-commits
mailing list