[Secure-testing-commits] r7032 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Sat Oct 20 10:27:15 UTC 2007


Author: nion
Date: 2007-10-20 10:27:15 +0000 (Sat, 20 Oct 2007)
New Revision: 7032

Modified:
   data/CVE/list
Log:
CVE-2007-5358 fixed in asterisk 1:1.4.13~dfsg-1
new issue: CVE-2007-5208 hplip
new issue: CVE-2007-5200 hugin
CVE-2007-4619 fixed in libflac 1.2.1-1
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-10-20 10:21:37 UTC (rev 7031)
+++ data/CVE/list	2007-10-20 10:27:15 UTC (rev 7032)
@@ -743,7 +743,7 @@
 CVE-2007-5359
 	RESERVED
 CVE-2007-5358 (Multiple buffer overflows in the voicemail functionality in Asterisk ...)
-	TODO: check
+	- asterisk 1:1.4.13~dfsg-1 (medium)
 CVE-2007-5357
 	RESERVED
 CVE-2007-5356
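Review bot: the new asterisk line for CVE-2007-5358 gives only the fixed version, with no per-release status, while the hplip entry later in this commit adds a `[sarge]` line. For a set of buffer overflows rated medium, a matching release-tagged line here would record whether the older asterisk packages in released suites are affected or still need a fix.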
@@ -1223,7 +1223,8 @@
 CVE-2007-5209 (Stack-based buffer overflow in DriveLock.exe in CenterTools DriveLock ...)
 	NOT-FOR-US: CenterTools
 CVE-2007-5208 (hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) ...)
-	TODO: check
+	- hplip <unfixed> (medium; bug #447341)
+	[sarge] - hplip <not-affected> (This code was using smtp directly)
 CVE-2007-5206
 	RESERVED
 CVE-2007-5205
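Review bot: the reason on the `[sarge]` line, "This code was using smtp directly", is hard to verify as written: it does not say which hplip version it refers to or why using smtp directly rules out the issue. Suggest present tense and naming the difference explicitly (for example, that the sarge version of hpssd talks to smtp directly and so does not contain the vulnerable code), so the `<not-affected>` status can be rechecked later.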
@@ -1237,7 +1238,7 @@
 CVE-2007-5201 (The FTP backend for Duplicity sends the password as a command line ...)
 	- duplicity 0.4.3-2 (medium; bug #442840)
 CVE-2007-5200 (hugin in SUSE openSUSE 10.2 and 10.3 allows local users to overwrite ...)
-	TODO: check
+	- hugin <unfixed> (low; bug #447344)
 CVE-2007-5199
 	RESERVED
 CVE-2007-5198 (Buffer overflow in the redir function in check_http.c in Nagios ...)
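Review bot: the CVE-2007-5200 description scopes the issue to "hugin in SUSE openSUSE 10.2 and 10.3", but the added line marks the Debian hugin package `<unfixed>` without saying that the same code is present there. A NOTE line stating how the Debian package was confirmed as affected (or a pointer to where bug #447344 establishes it) would make the triage decision auditable.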
@@ -1247,9 +1248,9 @@
 CVE-2007-5197
 	RESERVED
 CVE-2007-5196 (Unspecified vulnerability in the SSL implementation in Groupwise ...)
-	TODO: check
+	NOT-FOR-US: novell-groupwise-client
 CVE-2007-5195 (Unspecified vulnerability in the SSL implementation in Groupwise ...)
-	TODO: check
+	NOT-FOR-US: novell-groupwise-client
 CVE-2007-5194 (The Chroot server in rMake 1.0.11 creates a /dev/zero device file with ...)
 	NOT-FOR-US: rMake
 CVE-2007-5192
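Review bot: both new tags read `NOT-FOR-US: novell-groupwise-client`, a lowercase package-style name, while the neighbouring entries use the product or vendor name as it is written in the description ("NOT-FOR-US: rMake", "NOT-FOR-US: CenterTools"). Suggest naming the product the same way here so the NOT-FOR-US tags stay consistent and searchable.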
@@ -2578,7 +2579,7 @@
 CVE-2007-4620
 	RESERVED
 CVE-2007-4619 (Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC ...)
-	TODO: check
+	- libflac 1.2.1-1 (medium)
 CVE-2007-4618 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 ...)
 	NOT-FOR-US: BEA WebLogic
 CVE-2007-4617 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, ...)
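Review bot: the added line keys CVE-2007-4619 to `libflac`, while the description names the library libFLAC within Free Lossless Audio Codec (FLAC). Worth confirming that `libflac` is the name of the package that actually ships the fix in 1.2.1-1; if it is only a library name, the entry will not match the package and the fixed status will not be picked up for it.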
@@ -2614,7 +2615,7 @@
 CVE-2007-4602 (SQL injection vulnerability in cms/revert-content.php in Implied by ...)
 	NOT-FOR-US: Micro-CMS
 CVE-2007-4600 (The &quot;Protect Worksheet&quot; functionality in Mathsoft Mathcad 12 through ...)
-	TODO: check
+	NOT-FOR-US: Mathsoft Mathcad
 CVE-2007-4599
 	RESERVED
 CVE-2007-4598 (IBM SurePOS 500 has (1) a default password of &quot;12345&quot; for the manager ...)
@@ -3205,7 +3206,7 @@
 CVE-2007-4344
 	RESERVED
 CVE-2007-4343 (Stack-based buffer overflow in IrfanView 3.99 and 4.00 allows ...)
-	TODO: check
+	NOT-FOR-US: IrfanView
 CVE-2007-4342 (PHP remote file inclusion vulnerability in include.php in PHPCentral ...)
 	NOT-FOR-US: PHPCentral
 CVE-2007-4341 (PHP remote file inclusion vulnerability in adm/my_statistics.php in ...)
@@ -4727,7 +4728,7 @@
 CVE-2007-3676
 	RESERVED
 CVE-2007-3675 (Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ...)
-	TODO: check
+	NOT-FOR-US: Kaspersky Online Scanner 
 CVE-2007-3674
 	RESERVED
 CVE-2007-3673 (Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus ...)
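Review bot: the added line `NOT-FOR-US: Kaspersky Online Scanner ` for CVE-2007-3675 ends with a trailing space after "Scanner". Please strip it so the tag compares equal to any other entry that uses the same product name.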



