[Secure-testing-commits] r7383 - in data: . CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Fri Nov 23 22:34:12 UTC 2007 

Author: jmm-guest
Date: 2007-11-23 22:34:12 +0000 (Fri, 23 Nov 2007)
New Revision: 7383

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
- fckeditor now packaged separately, filed bugs
- pcre fixes in sarge and etch address older pcre issue
  as well
- libpng no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-11-23 22:18:14 UTC (rev 7382)
+++ data/CVE/list	2007-11-23 22:34:12 UTC (rev 7383)
@@ -115,7 +115,8 @@
 	NOT-FOR-US: ExoPHPdesk
 CVE-2006-7230 (Perl-Compatible Regular Expression (PCRE) library before 7.0 does not ...)
 	- pcre3 7.0-1
-	NOTE: Documented in http://www.pcre.org/changelog.txt
+	[sarge] - pcre3 4.5+7.4-1
+	[etch] - pcre3 6.7+7.4-2
 CVE-2004-2755 (Cross-site scripting (XSS) vulnerability in Symantec Web Security 2.5, ...)
 	NOT-FOR-US: Symantec Web Security
 CVE-2004-2754 (SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and ...)
@@ -2545,6 +2546,8 @@
 	- drupal <not-affected> (does not ship this module)
 CVE-2007-5269 (Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 ...)
 	- libpng 1.2.15~beta5-3 (low; bug #446308)
+	[etch] - libpng <no-dsa> (Minor issue)
+	[sarge] - libpng <no-dsa> (Minor issue)
 CVE-2007-5268 (pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) ...)
 	- libpng <not-affected> (Vulnerable code not present in Debian version, introduced in 1.2.19)
 CVE-2007-5267 (Off-by-one error in ICC profile chunk handling in the png_set_iCCP ...)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2007-11-23 22:18:14 UTC (rev 7382)
+++ data/embedded-code-copies	2007-11-23 22:34:12 UTC (rev 7383)
@@ -201,12 +201,14 @@
 xine-lib
 mimms
 
-FCKeditor:
+FCKeditor: (packaged as fckeditor)
 knowledgeroot
-moin
-karrigell
-gforge-plugins-extra
+moin (452599)
+karrigell (452598)
+gforge-plugins-extra (452597)
 
+
+
 Moodle contains lots of things:
 AdoDB
 AdoDB-XML Schema

More information about the Secure-testing-commits mailing list