[Secure-testing-commits] r7161 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Wed Oct 31 18:50:53 UTC 2007
Author: nion
Date: 2007-10-31 18:50:52 +0000 (Wed, 31 Oct 2007)
New Revision: 7161
Modified:
data/CVE/list
Log:
CVE-2007-5690 zaptel affected but not a real security issue in debian
CVE-2007-5689 fixed in sun-java6 6-03-1/sun-java5 1.5.0-13-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-10-31 18:18:24 UTC (rev 7160)
+++ data/CVE/list 2007-10-31 18:50:52 UTC (rev 7161)
@@ -34,9 +34,12 @@
- iceweasel 2.0.0.8-1 (low)
TODO: check other ice-*
CVE-2007-5690 (Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might ...)
- TODO: check
+ - zaptel <unfixed> (unimportant; bug #448763)
+ NOTE: zaptel does copy argv[1] into ifr_name but zaptel is not suid root or something
+ NOTE: similar so this is no security issue in Debian even if sethdl-new will segfault
CVE-2007-5689 (The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) ...)
- TODO: check
+ - sun-java6 6-03-1 (medium)
+ - sun-java5 1.5.0-13-1 (medium)
CVE-2007-5688 (Multiple SQL injection vulnerabilities in directory.php in the ...)
TODO: check
CVE-2007-5687 (Multiple buffer overflows in the rich text processing functionality in ...)
More information about the Secure-testing-commits
mailing list