[Secure-testing-commits] r10657 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Mon Dec 8 09:05:55 UTC 2008
Author: nion
Date: 2008-12-08 09:05:54 +0000 (Mon, 08 Dec 2008)
New Revision: 10657
Modified:
data/CVE/list
Log:
CVE-2008-5245 fixed in xine-lib 1.1.14-3
CVE-2008-5028 fixed in nagios3 3.0.6-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-12-07 21:14:11 UTC (rev 10656)
+++ data/CVE/list 2008-12-08 09:05:54 UTC (rev 10657)
@@ -258,7 +258,7 @@
CVE-2008-5246 (Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow ...)
- xine-lib <unfixed> (low; bug #507184; bug #498243)
CVE-2008-5245 (xine-lib before 1.1.15 performs V4L video frame preallocation before ...)
- TODO: check
+ - xine-lib 1.1.14-3 (low)
CVE-2008-5244 (Unspecified vulnerability in xine-lib before 1.1.15 has unknown impact ...)
- xine-lib 1.1.14-3
- faad2 2.6.1-1
@@ -963,7 +963,7 @@
NOTE: the nagios process shouldnt have rights to execute important commands and non-trusted
NOTE: users shouldn't have access to nagios anyway
CVE-2008-5028 (Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) ...)
- - nagios3 <unfixed> (low; bug #504894)
+ - nagios3 3.0.6-1 (low; bug #504894)
[etch] - nagios2 <no-dsa> (CSRF can only cause DoS and needs admin's browser)
CVE-2008-4917
RESERVED
More information about the Secure-testing-commits
mailing list