[Secure-testing-commits] r10755 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Sun Dec 21 12:05:59 UTC 2008


Author: nion
Date: 2008-12-21 12:05:59 +0000 (Sun, 21 Dec 2008)
New Revision: 10755

Modified:
   data/CVE/list
Log:
axel fixed in new upstream release but imho unimportant

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-21 11:46:12 UTC (rev 10754)
+++ data/CVE/list	2008-12-21 12:05:59 UTC (rev 10755)
@@ -495,9 +495,10 @@
 CVE-2008-5616 (Stack-based buffer overflow in the demux_open_vqf function in ...)
 	- mplayer 1.0~rc2-19 (low; bug #508803)
 CVE-2008-XXXX [axel URL parser buffer overflow]
-	- axel <unfixed> (low)
+	- axel 2.2 (unimportant)
 	[etch] - axel <no-dsa> (Minor issue)
 	NOTE: http://alioth.debian.org/forum/forum.php?forum_id=2846
+	NOTE: this only work for non-interactive sessions which is a quite exotic usecase
 CVE-2008-5619 (html2text.php in RoundCube Webmail (roundcubemail) 0.2-1.alpha and ...)
 	- roundcube 0.1.1-9 (high; bug #508628)
 	NOTE: According to the bug report, this is being exploited.




More information about the Secure-testing-commits mailing list