[Secure-testing-commits] r10685 - data/CVE

atomo64-guest at alioth.debian.org atomo64-guest at alioth.debian.org
Fri Dec 12 22:32:17 UTC 2008 

Author: atomo64-guest
Date: 2008-12-12 22:32:17 +0000 (Fri, 12 Dec 2008)
New Revision: 10685

Modified:
   data/CVE/list
Log:
NFUs, moodle and gpsdrive issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-12 21:41:56 UTC (rev 10684)
+++ data/CVE/list	2008-12-12 22:32:17 UTC (rev 10685)
@@ -1,3 +1,6 @@
+CVE-2008-XXXX [other symlink attack vectors in gpsdrive]
+	- gpsdrive <unfixed> (bug #508597)
+	TODO: request CVE id
 CVE-2008-5485
 	RESERVED
 CVE-2008-5484
@@ -105,7 +108,7 @@
 CVE-2008-5433 (Cross-site scripting (XSS) vulnerability in login.php in PunBB 1.3 and ...)
 	NOT-FOR-US: PunBB
 CVE-2008-5432 (Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 ...)
-	TODO: check
+	- moodle <unfixed> (bug #508593)
 CVE-2008-5431 (Teamtek Universal FTP Server 1.0.44 allows remote attackers to cause a ...)
 	NOT-FOR-US: Teamtek Universal FTP Server
 CVE-2008-5430 ( ...)
@@ -209,7 +212,8 @@
 CVE-2008-5381 (Buffer overflow in the URL processing in ffdshow (aka ffdshow-tryout) ...)
 	TODO: check
 CVE-2008-5380 (gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite ...)
-	TODO: check
+	- gpsdrive <not-affected> (geo-nearest not shipped, geo-code already fixed)
+	[etch] - gpsdrive <unfixed> (low; bug #508595)
 CVE-2008-5379 (netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary ...)
 	TODO: check
 CVE-2008-5378 (arb-kill in arb 0.0.20071207.1 allows local users to overwrite ...)
@@ -1410,7 +1414,7 @@
 CVE-2008-4845
 	RESERVED
 CVE-2008-4844 (Use-after-free vulnerability in mshtml.dll in Microsoft Internet ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2008-4843
 	RESERVED
 CVE-2008-4842
@@ -2384,7 +2388,7 @@
 CVE-2008-4419
 	RESERVED
 CVE-2008-4418 (Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and ...)
-	TODO: check
+	NOT-FOR-US: HP-UX
 CVE-2008-4417
 	RESERVED
 CVE-2008-4416 (Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows ...)

More information about the Secure-testing-commits mailing list