[Secure-testing-commits] r6773 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Wed Oct 3 09:14:08 UTC 2007
Author: joeyh
Date: 2007-10-03 09:14:07 +0000 (Wed, 03 Oct 2007)
New Revision: 6773
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-10-03 07:59:29 UTC (rev 6772)
+++ data/CVE/list 2007-10-03 09:14:07 UTC (rev 6773)
@@ -111,6 +111,7 @@
CVE-2003-1340 (Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 ...)
NOT-FOR-US: Php-Nuke
CVE-2007-5135 (Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL ...)
+ {DSA-1379-1}
- openssl 0.9.8e-9 (high; bug #444435)
NOTE: see https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/146269
CVE-2007-5115 (Multiple PHP remote file inclusion vulnerabilities in Ekke Doerre ...)
@@ -284,6 +285,7 @@
CVE-2007-5035 (** DISPUTED ** ...)
NOT-FOR-US: openEngine
CVE-2007-5034 (ELinks before 0.11.3, when sending a POST request for an https URL, ...)
+ {DSA-1380-1}
- elinks 0.11.1-1.5 (low; bug #443914)
CVE-2007-5033 (Cross-site scripting (XSS) vulnerability in profile.php in phpBB XS 2 ...)
NOT-FOR-US: phpBB XS
@@ -714,6 +716,7 @@
CVE-2007-4850
RESERVED
CVE-2007-4849 (JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly ...)
+ {DSA-1378-2 DSA-1378-1}
- linux-2.6 <unfixed> (bug #442245; low)
CVE-2007-4848 (Microsoft Internet Explorer 4.0 through 7 allows remote attackers to ...)
NOT-FOR-US: Microsoft Internet Explorer
@@ -1349,6 +1352,7 @@
CVE-2007-4574
RESERVED
CVE-2007-4573 (The IA32 system call emulation functionality in Linux kernel 2.4.x and ...)
+ {DSA-1378-2 DSA-1378-1}
- linux-2.6 <unfixed> (medium)
CVE-2007-4572
RESERVED
@@ -1608,7 +1612,7 @@
- nufw 2.2.4-1 (bug #439227)
[etch] - nufw <not-affected>
CVE-2007-4460 (The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) ...)
- {DSA-1365-2 DSA-1365-1}
+ {DSA-1365-3 DSA-1365-2 DSA-1365-1}
- id3lib3.8.3 3.8.3-7 (low; bug #438540)
CVE-2007-4459 (Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP ...)
NOT-FOR-US: Cisco IP Phone
@@ -2800,6 +2804,7 @@
CVE-2007-3919
RESERVED
CVE-2007-3918 [gforge xss]
+ RESERVED
- gforge 4.6.99+svn6094-1
CVE-2007-3917
RESERVED
@@ -3216,8 +3221,10 @@
- gimp <unfixed>
NOTE: maintainer states that this is not an issue
CVE-2007-3740 (The CIFS filesystem, when Unix extension support is enabled, does not ...)
+ {DSA-1378-2 DSA-1378-1}
- linux-2.6 <unfixed>
CVE-2007-3739 (mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not ...)
+ {DSA-1378-2 DSA-1378-1}
- linux-2.6 <unfixed>
CVE-2007-3738 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 ...)
{DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
@@ -3252,6 +3259,7 @@
CVE-2007-3732
RESERVED
CVE-2007-3731 (The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid ...)
+ {DSA-1378-2 DSA-1378-1}
- linux-2.6 <unfixed>
CVE-2007-3730 (The default configuration of the POP server in TCP/IP Services 5.6 for ...)
NOT-FOR-US: HP OpenVMS
More information about the Secure-testing-commits
mailing list