[Secure-testing-commits] r6774 - in data: CVE DSA
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Wed Oct 3 10:17:04 UTC 2007
Author: jmm-guest
Date: 2007-10-03 10:17:04 +0000 (Wed, 03 Oct 2007)
New Revision: 6774
Modified:
data/CVE/list
data/DSA/list
Log:
correct version number in OO2 DSA
fix severity of openssl
new kernel issue not affecting debian
CVE-2007-3379 never affected debian
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-10-03 09:14:07 UTC (rev 6773)
+++ data/CVE/list 2007-10-03 10:17:04 UTC (rev 6774)
@@ -112,8 +112,7 @@
NOT-FOR-US: Php-Nuke
CVE-2007-5135 (Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL ...)
{DSA-1379-1}
- - openssl 0.9.8e-9 (high; bug #444435)
- NOTE: see https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/146269
+ - openssl 0.9.8e-9 (low; bug #444435)
CVE-2007-5115 (Multiple PHP remote file inclusion vulnerabilities in Ekke Doerre ...)
NOT-FOR-US: Ekke Doerre Contenido
CVE-2007-5114 (** DISPUTED ** ...)
@@ -2950,8 +2949,9 @@
CVE-2007-3851 (The drm/i915 component in the Linux kernel before 2.6.22.2, when used ...)
{DSA-1356-1}
- linux-2.6 2.6.22-4
-CVE-2007-3850
+CVE-2007-3850 [Kernel ppc64 DoS]
RESERVED
+ - linux-2.6 <not-affected> (Debian's kernel doesn't enable CONFIG_PPC_64K_PAGES)
CVE-2007-3849 (Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced ...)
NOT-FOR-US: RedHat Advanced Intrusion Detection Environment
CVE-2007-3848 (Linux kernel 2.4.35 and other versions allows local users to send ...)
@@ -4094,7 +4094,7 @@
- linux-2.6 2.6.23-1
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
CVE-2007-3379 (Unspecified vulnerability in the kernel in Red Hat Enterprise Linux ...)
- - linux-2.6 2.6.12-1
+ - linux-2.6 <not-affected> (Red Hat-specific vulnerability)
CVE-2007-3378 (The (1) session_save_path, (2) ini_set, and (3) error_log functions in ...)
- php4 <unfixed> (unimportant)
- php5 <unfixed> (unimportant)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2007-10-03 09:14:07 UTC (rev 6773)
+++ data/DSA/list 2007-10-03 10:17:04 UTC (rev 6774)
@@ -25,9 +25,6 @@
[21 Sep 2007] DSA-1377-2 fetchmail - null pointer dereference
{CVE-2007-4565}
[etch] - fetchmail 6.3.6-1etch1
-[21 Sep 2007] DSA-1377-1 fetchmail - null pointer reference
- {CVE-2007-4565}
- [etch] - fetchmail 6.3.6-1etch1
[21 Sep 2007] DSA-1376-1 kdebase - programming error
{CVE-2007-4569}
[etch] - kdebase 4:3.5.5a.dfsg.1-6etch1
@@ -36,7 +33,7 @@
[etch] - vim 7.0-122+1etch3
[17 Sep 2007] DSA-1375-1 openoffice.org - buffer overflow
{CVE-2007-2834}
- [etch] - openoffice.org 2.0.4.dfsg.2-7etch2.
+ [etch] - openoffice.org 2.0.4.dfsg.2-7etch2
[11 Sep 2007] DSA-1373-1 ktorrent - directory traversal vulnerabilities
{CVE-2007-1799}
[etch] - ktorrent 2.0.3+dfsg1-2etch1
More information about the Secure-testing-commits
mailing list