[Secure-testing-commits] r7383 - in data: . CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Fri Nov 23 22:34:12 UTC 2007
Author: jmm-guest
Date: 2007-11-23 22:34:12 +0000 (Fri, 23 Nov 2007)
New Revision: 7383
Modified:
data/CVE/list
data/embedded-code-copies
Log:
- fckeditor now packaged separately, filed bugs
- pcre fixes in sarge and etch address older pcre issue
as well
- libpng no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-11-23 22:18:14 UTC (rev 7382)
+++ data/CVE/list 2007-11-23 22:34:12 UTC (rev 7383)
@@ -115,7 +115,8 @@
NOT-FOR-US: ExoPHPdesk
CVE-2006-7230 (Perl-Compatible Regular Expression (PCRE) library before 7.0 does not ...)
- pcre3 7.0-1
- NOTE: Documented in http://www.pcre.org/changelog.txt
+ [sarge] - pcre3 4.5+7.4-1
+ [etch] - pcre3 6.7+7.4-2
CVE-2004-2755 (Cross-site scripting (XSS) vulnerability in Symantec Web Security 2.5, ...)
NOT-FOR-US: Symantec Web Security
CVE-2004-2754 (SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and ...)
@@ -2545,6 +2546,8 @@
- drupal <not-affected> (does not ship this module)
CVE-2007-5269 (Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 ...)
- libpng 1.2.15~beta5-3 (low; bug #446308)
+ [etch] - libpng <no-dsa> (Minor issue)
+ [sarge] - libpng <no-dsa> (Minor issue)
CVE-2007-5268 (pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) ...)
- libpng <not-affected> (Vulnerable code not present in Debian version, introduced in 1.2.19)
CVE-2007-5267 (Off-by-one error in ICC profile chunk handling in the png_set_iCCP ...)
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2007-11-23 22:18:14 UTC (rev 7382)
+++ data/embedded-code-copies 2007-11-23 22:34:12 UTC (rev 7383)
@@ -201,12 +201,14 @@
xine-lib
mimms
-FCKeditor:
+FCKeditor: (packaged as fckeditor)
knowledgeroot
-moin
-karrigell
-gforge-plugins-extra
+moin (452599)
+karrigell (452598)
+gforge-plugins-extra (452597)
+
+
Moodle contains lots of things:
AdoDB
AdoDB-XML Schema
More information about the Secure-testing-commits
mailing list