[Secure-testing-commits] r9538 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Fri Aug 8 10:09:45 UTC 2008 

Author: nion
Date: 2008-08-08 10:09:44 +0000 (Fri, 08 Aug 2008)
New Revision: 9538

Modified:
   data/CVE/list
Log:
NFUs
CVE-2008-3444 non-issue
CVE-2008-314[2-4] fixed in python2.4/python2.5 in unstable


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-08-08 09:37:50 UTC (rev 9537)
+++ data/CVE/list	2008-08-08 10:09:44 UTC (rev 9538)
@@ -68,7 +68,7 @@
 CVE-2008-3451 (PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with ...)
 	NOT-FOR-US: PhpWebGallery
 CVE-2008-3450 (Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2008-3449 (MailEnable Professional 3.5.2 and Enterprise 3.52 allow remote ...)
 	NOT-FOR-US: MailEnable
 CVE-2008-3448 (Cross-site scripting (XSS) vulnerability in index.php in common ...)
@@ -80,11 +80,12 @@
 CVE-2008-3445 (SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 ...)
 	NOT-FOR-US: phpMyRealty
 CVE-2008-3444 (The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows ...)
-	TODO: check
+	- iceweasel <unfixed> (unimportant)
+	NOTE: browser dos not treated as security issues
 CVE-2008-3443
 	RESERVED
 CVE-2008-3442 (WinZip before 11.0 does not properly verify the authenticity of ...)
-	TODO: check
+	NOT-FOR-US: WinZip
 CVE-2008-3441 (Nullsoft Winamp before 5.24 does not properly verify the authenticity ...)
 	NOT-FOR-US: Nullsoft Winamp
 CVE-2008-3440 (Sun Java before 1.6.0_03 does not properly verify the authenticity of ...)
@@ -725,11 +726,14 @@
 CVE-2008-3146
 	RESERVED
 CVE-2008-3144 (Multiple integer overflows in the PyOS_vsnprintf function in ...)
-	TODO: check
+	- python2.4 2.4.5-5
+	- python2.5 2.5.2-7
 CVE-2008-3143 (Multiple integer overflows in Python before 2.5.2 might allow ...)
-	TODO: check
+	- python2.4 2.4.5-1
+	- python2.5 2.5.2-1
 CVE-2008-3142 (Multiple buffer overflows in Python 2.5.2 and earlier on 32bit ...)
-	TODO: check
+	- python2.5 2.5.2-10
+	- python2.4 2.4.5-5
 CVE-2008-3136 (SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x ...)
 	NOT-FOR-US: AShop Delux
 CVE-2008-3135 (Soldner Secret Wars 33724 and earlier allows remote attackers to cause ...)

More information about the Secure-testing-commits mailing list