[Secure-testing-commits] r10722 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Wed Dec 17 21:14:12 UTC 2008


Author: joeyh
Date: 2008-12-17 21:14:11 +0000 (Wed, 17 Dec 2008)
New Revision: 10722

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-17 18:49:58 UTC (rev 10721)
+++ data/CVE/list	2008-12-17 21:14:11 UTC (rev 10722)
@@ -694,7 +694,7 @@
 CVE-2008-5301 (Directory traversal vulnerability in the ManageSieve implementation in ...)
 	- dovecot 1:1.0.15-2.3 (bug #506031)
 CVE-2008-5300 (Linux kernel 2.6.28 allows local users to cause a denial of service ...)
-	{DSA-1681-1}
+	{DSA-1687-1 DSA-1681-1}
 	- linux-2.6 2.6.26-12
 	- linux-2.6.24 2.6.24-6~etchnhalf.7
 CVE-2008-5296 (Gallery 1.5.x before 1.5.10 and 1.6 before 1.6-RC3, when ...)
@@ -959,7 +959,7 @@
 	- cups 1.3.8-1
 	[etch] - cupsys <not-affected> (cupsys doesn't crash, code base changed, guest username not submitted)
 CVE-2008-5182 (The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might ...)
-	{DSA-1681-1}
+	{DSA-1687-1 DSA-1681-1}
 	- linux-2.6 <unfixed>
 	- linux-2.6.24 2.6.24-6~etchnhalf.7
 CVE-2008-5181 (Microsoft Communicator allows remote attackers to cause a denial of ...)
@@ -1104,6 +1104,7 @@
 	- cups <unfixed> (bug #506180)
 	[etch] - cupsys <not-affected> (RSS subscription code not yet present)
 CVE-2008-5297 (Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote DNS ...)
+	{DSA-1686-1}
 	- no-ip 2.1.7-11 (bug #506179)
 CVE-2008-5132 (SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT ...)
 	NOT-FOR-US: MemHT Portal
@@ -1215,6 +1216,7 @@
 	{DSA-1679-1}
 	- awstats 6.7.dfsg-5.1 (bug #495432; low)
 CVE-2008-5079 (net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and ...)
+	{DSA-1687-1}
 	- linux-2.6 <unfixed>
 	- linux-2.6.24 <unfixed>
 	NOTE: http://marc.info/?l=linux-netdev&m=122841256115780&w=2
@@ -1412,11 +1414,11 @@
 CVE-2008-5009 (Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, ...)
 	NOT-FOR-US: Sun Solstice X.25
 CVE-2008-5025 (Stack-based buffer overflow in the hfs_cat_find_brec function in ...)
-	{DSA-1681-1}
+	{DSA-1687-1 DSA-1681-1}
 	- linux-2.6 2.6.26-11
 	- linux-2.6.24 2.6.24-6~etchnhalf.7
 CVE-2008-5029 (The __scm_destroy function in net/core/scm.c in the Linux kernel ...)
-	{DSA-1681-1}
+	{DSA-1687-1 DSA-1681-1}
 	- linux-2.6 2.6.26-11
 	- linux-2.6.24 2.6.24-6~etchnhalf.7
 CVE-2008-XXXX [Trac Multiple Vulnerabilities]
@@ -1480,11 +1482,11 @@
 	- aegis 4.24-3.1 (low; bug #496400)
 	[etch] - aegis <no-dsa> (Minor issue)
 CVE-2008-4934 (The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the ...)
-	{DSA-1681-1}
+	{DSA-1687-1 DSA-1681-1}
 	- linux-2.6 2.6.26-11
 	- linux-2.6.24 2.6.24-6~etchnhalf.7
 CVE-2008-4933 (Buffer overflow in the hfsplus_find_cat function in ...)
-	{DSA-1681-1}
+	{DSA-1687-1 DSA-1681-1}
 	- linux-2.6 2.6.26-11
 	- linux-2.6.24 2.6.24-6~etchnhalf.7
 CVE-2008-4932 (webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 ...)
@@ -2364,7 +2366,7 @@
 	- dovecot 1:1.0.15-2.2 (low; bug #502967)
 	[etch] - dovecot <no-dsa> (Minor issue)
 CVE-2008-4576 (sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause ...)
-	{DSA-1681-1}
+	{DSA-1687-1 DSA-1681-1}
 	- linux-2.6 2.6.26-9
 	- linux-2.6.24 2.6.24-6~etchnhalf.7
 CVE-2008-4575 (Buffer overflow in the DoCommand function in jhead before 2.84 might ...)
@@ -2411,7 +2413,7 @@
 	TODO:	[etch] - graphviz 2.8-3+etch1
 	NOTE: Scheduled for r6
 CVE-2008-4554 (The do_splice_from function in fs/splice.c in the Linux kernel before ...)
-	{DSA-1681-1}
+	{DSA-1687-1 DSA-1681-1}
 	- linux-2.6 2.6.26-9
 	- linux-2.6.24 2.6.24-6~etchnhalf.7
 CVE-2008-4553 (qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local ...)
@@ -4997,7 +4999,7 @@
 	{DSA-1654-1}
 	- libxml2 2.6.32.dfsg-4 (bug #498768)
 CVE-2008-3528 (The error-reporting functionality in (1) fs/ext2/dir.c, (2) ...)
-	{DSA-1681-1}
+	{DSA-1687-1 DSA-1681-1}
 	- linux-2.6 2.6.26-11 (unimportant)
 	- linux-2.6.24 2.6.24-6~etchnhalf.7 (unimportant)
 	NOTE: cdbf6dba28e8e6268c8420857696309470009fd9 (ext3)
@@ -5015,6 +5017,7 @@
 	NOTE: include a setuid shell or world-writable hard disk device file or some
 	NOTE: such).  Me, I think they're just being silly.
 CVE-2008-3527 (arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects ...)
+	{DSA-1687-1}
 	- linux-2.6 2.6.21-1
 CVE-2008-3526 (Integer overflow in the sctp_setsockopt_auth_key function in ...)
 	{DSA-1636-1}




More information about the Secure-testing-commits mailing list