[Secure-testing-commits] r6644 - data/CVE
nion at alioth.debian.org
Wed Sep 19 19:45:21 UTC 2007
Author: nion
Date: 2007-09-19 19:45:21 +0000 (Wed, 19 Sep 2007)
New Revision: 6644
Modified:
data/CVE/list
Log:
CVE-2004-0967 fixed in gs-gpl 8.56.dfsg.1-1
CVE-2007-0253 fixed in kernel-patch-grsecurity 2.1.10-1
CVE-2005-2311 fixed in sms-pl 2.1.0-1
CVE-2007-0905 fixed in php5 5.2.0-9
end of house cleaning :)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-09-19 16:47:07 UTC (rev 6643)
+++ data/CVE/list 2007-09-19 19:45:21 UTC (rev 6644)
@@ -9755,7 +9755,7 @@
[etch] - php4 6:4.4.4-8+etch1
[etch] - php5 5.2.0-8+etch1
CVE-2007-0905 (PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir ...)
- - php5 <unfixed> (bug #410561; bug #410995; unimportant)
+ - php5 5.2.0-9 (bug #410561; bug #410995; unimportant)
NOTE: we normally don't spend much time on safe_mode and open_basedir
NOTE: issues, but the because the attack vectors are "unspecified", it
NOTE: might be harder for us to try and sort out the fixes for this
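Review bot: the new `- php5 5.2.0-9` line records a fixed version that sits below the "PHP before 5.2.1" boundary in the CVE description, while the NOTE lines directly under it say the attack vectors are "unspecified" and the fixes hard to sort out. Add a NOTE naming the patch or changelog entry in 5.2.0-9 that this version is based on, so the entry can be verified later.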
@@ -11415,7 +11415,7 @@
- xine-ui 0.99.4+dfsg+cvs20061111-1 (low; bug #407369)
NOTE: If've verified the Etch version to contain the necessary format strings
CVE-2007-0253 (** DISPUTED ** ...)
- - kernel-patch-grsecurity2 <unfixed> (unimportant; bug #407350)
+ - kernel-patch-grsecurity2 2.1.10-1 (unimportant; bug #407350)
NOTE: See CVE-2007-0257
CVE-2007-0252 (Unspecified vulnerability in easy-content filemanager allows remote ...)
NOT-FOR-US: easy-content
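Review bot: the commit log says "fixed in kernel-patch-grsecurity 2.1.10-1", but the line changed for CVE-2007-0253 is `kernel-patch-grsecurity2`. Confirm which source package 2.1.10-1 belongs to and make the log and the entry agree. Since the NOTE defers to CVE-2007-0257, check that that entry carries the same version.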
@@ -34812,8 +34812,8 @@
NOT-FOR-US: Contrexx
CVE-2005-2414 (Race condition in the xpcom library, as used by web browsers such as ...)
- firefox 1.5.dfsg-1 (unimportant)
- - mozilla-firefox <unfixed> (bug #327549; unimportant)
- - mozilla <unfixed> (bug #327550; unimportant)
+ - mozilla-firefox 1.5.dfsg-1 (bug #327549; unimportant)
+ - mozilla 1.5.dfsg-1 (bug #327550; unimportant)
- iceweasel <not-affected>
NOTE: The turned out to be non-exploitable
CVE-2005-2413 (PHP remote file inclusion vulnerability in apa_phpinclude.inc.php in ...)
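Review bot: the `mozilla-firefox` and `mozilla` lines now carry 1.5.dfsg-1, the same version string as the `firefox` line above them, and this CVE-2005-2414 change is not listed in the commit log. Confirm that 1.5.dfsg-1 is an actual version of each of those source packages and not a copy of the firefox one. Given the NOTE that the issue turned out to be non-exploitable, a marker like the `<not-affected>` used for iceweasel may describe them better than a fixed version.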
@@ -35067,7 +35067,7 @@
CVE-2005-2312 (management.php in Realnode Emilda 1.2.2 and earlier allows remote ...)
NOT-FOR-US: Realnode Emilda
CVE-2005-2311 (SMS 1.9.2m and earlier allows local users to overwrite arbitrary files ...)
- - sms-pl <unfixed> (bug #320540; unimportant)
+ - sms-pl 2.1.0-1 (bug #320540; unimportant)
NOTE: vulnerable contrib file only in source package
CVE-2005-2310 (Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions ...)
NOT-FOR-US: Winamp
@@ -45051,7 +45051,7 @@
- glibc 2.3.2.ds1-19
CVE-2004-0967 (The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts ...)
- gs-common 0.3.6-0.1
- - gs-gpl <unfixed> (bug #291373; unimportant)
+ - gs-gpl 8.56.dfsg.1-1 (bug #291373; unimportant)
NOTE: ps2epsi hole present in gs-gpl, but not shipped in binary
CVE-2004-0966 (The (1) autopoint and (2) gettextize scripts in the GNU gettext ...)
- gettext 0.14.1-6
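Review bot: with `- gs-gpl 8.56.dfsg.1-1` recorded as the fixed version for CVE-2004-0967, the NOTE below it still reads "ps2epsi hole present in gs-gpl, but not shipped in binary". Reword the NOTE to say what changed in 8.56.dfsg.1-1 (script fixed, or dropped from the source), so the present-tense statement does not contradict the fixed version.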