[Secure-testing-commits] r7407 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Tue Nov 27 21:10:27 UTC 2007
Author: jmm-guest
Date: 2007-11-27 21:10:26 +0000 (Tue, 27 Nov 2007)
New Revision: 7407
Modified:
data/CVE/list
Log:
kernel updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-11-27 17:27:24 UTC (rev 7406)
+++ data/CVE/list 2007-11-27 21:10:26 UTC (rev 7407)
@@ -361,10 +361,10 @@
CVE-2007-5909 (Multiple stack-based buffer overflows in Autonomy (formerly Verity) ...)
NOT-FOR-US: IBM Lotus Notes, Symantec Mail Security, and others
CVE-2007-5908 (Buffer overflow in the (1) sysfs_show_available_clocksources and (2) ...)
- - linux-2.6 <unfixed>
NOTE: there is a list of possible clocksource names which consits of short enough names
NOTE: this is a bug in the kernel but not a security issue, there is no way for a user to
NOTE: exploit this, they can only chose an item from the list
+ NOTE: Issue about to be rejected by MITRE
CVE-2007-5907 (Xen 3.1.1 does not prevent modification of the CR4 TSC from ...)
- xen-3 3.1.2-1 (medium; bug #451626)
- xen-3.0 <unfixed>
@@ -3149,7 +3149,7 @@
CVE-2007-5088 (Cross-site scripting (XSS) vulnerability in search/cust_bill_event.cgi ...)
NOT-FOR-US: freeside
CVE-2007-5087 (The ATM module in the Linux kernel before 2.4.35.3, when CLIP support ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 <not-affected> (2.6 code base handles ARP entries differently)
CVE-2007-5086 (Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not ...)
NOT-FOR-US: Kaspersky Anti-Virus and Internet Security 7.0
CVE-2007-5085 (Unspecified vulnerability in the management EJB (MEJB) in Apache ...)
More information about the Secure-testing-commits
mailing list