[Secure-testing-commits] r8476 - in data: . CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Thu Apr 3 21:59:31 UTC 2008 

Author: jmm-guest
Date: 2008-04-03 21:59:30 +0000 (Thu, 03 Apr 2008)
New Revision: 8476

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
boost spu no-dsa
cld issue/glibc not needed for etch
eterm rather harmless, more of a design bug than a vulnerability


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-04-03 21:55:23 UTC (rev 8475)
+++ data/CVE/list	2008-04-03 21:59:30 UTC (rev 8476)
@@ -516,6 +516,7 @@
 	- kfreebsd-7 7.0-2 (bug #469565)
 	- gcc-4.3 4.3.0-2 (bug #469567)
 	- glibc 2.7-8 (bug #465583)
+	[etch] - glibc <not-affected> (Problem only exposed with GCC 4.3)
 CVE-2008-1366 (Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and ...)
 	NOT-FOR-US: Trend Micro OfficeScan Corporate Edition
 CVE-2008-1365 (Stack-based buffer overflow in Trend Micro OfficeScan Corporate ...)
@@ -1289,7 +1290,8 @@
 CVE-2008-1142 [insecure default behaviour in rxvt for handling DISPLAY variable]
 	RESERVED
 	- rxvt <unfixed> (unimportant; bug #469296)
-	- eterm <unfixed> (bug #473127)
+	- eterm <unfixed> (unimportant; bug #473127)
+	TODO: Let's make sure it gets still fixed for Lenny
 CVE-2008-1055 (Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 ...)
 	NOT-FOR-US: SurgeMail
 CVE-2008-1054 (Stack-based buffer overflow in the _lib_spawn_user_getpid function in ...)
@@ -3299,8 +3301,10 @@
 	NOT-FOR-US: GE Fanuc Proficy Real-Time Information Portal
 CVE-2008-0172 (The get_repeat_type function in basic_regex_creator.hpp in the Boost ...)
 	- boost 1.34.1-5 (low; bug #461236)
+	[etch] - boost <no-dsa> (Minor issue)
 CVE-2008-0171 (regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library ...)
 	- boost 1.34.1-5 (low; bug #461236)
+	[etch] - boost <no-dsa> (Minor issue)
 CVE-2008-0170
 	RESERVED
 CVE-2008-0169

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2008-04-03 21:55:23 UTC (rev 8475)
+++ data/spu-candidates.txt	2008-04-03 21:59:30 UTC (rev 8476)
@@ -27,6 +27,11 @@
 
 --
 
+boost (CVE-2008-0172/CVE-2008-0171)
+#461236
+
+--
+
 flac123 (CVE-2007-3507)
 notified maintainer

More information about the Secure-testing-commits mailing list