[Secure-testing-commits] r10820 - in data: . CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Mon Dec 29 02:16:52 UTC 2008 

Author: jmm-guest
Date: 2008-12-29 02:16:51 +0000 (Mon, 29 Dec 2008)
New Revision: 10820

Modified:
   data/CVE/list
   data/spu-candidates.txt
Log:
minor/unimportant issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-28 21:14:10 UTC (rev 10819)
+++ data/CVE/list	2008-12-29 02:16:51 UTC (rev 10820)
@@ -26,9 +26,11 @@
 CVE-2008-5707 (SQL injection vulnerability in urunler.asp in Iltaweb Alisveris ...)
 	NOT-FOR-US: Iltaweb Alisveris Sistemi
 CVE-2008-5704 (src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might ...)
-	- gpsdrive <unfixed> (bug #508597)
+	- gpsdrive <unfixed> (low; bug #508597)
+        [etch] - gpsdrive <no-dsa> (Minor issue)
 CVE-2008-5703 (gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to ...)
-	- gpsdrive <unfixed> (bug #508597)
+	- gpsdrive <unfixed> (low; bug #508597)
+        [etch] - gpsdrive <no-dsa> (Minor issue)
 CVE-2008-5702 (Buffer underflow in the ibwdt_ioctl function in ...)
 	TODO: check
 CVE-2008-5701 (Array index error in arch/mips/kernel/scall64-o32.S in the Linux ...)
@@ -810,7 +812,7 @@
 	NOT-FOR-US: ffdshow
 CVE-2008-5380 (gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite ...)
 	- gpsdrive <not-affected> (geo-nearest not shipped, geo-code already fixed)
-	[etch] - gpsdrive <unfixed> (low; bug #508595)
+	[etch] - gpsdrive <no-dsa> (Minor issue)
 CVE-2008-5379 (netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary ...)
 	- netdisco-mibs-installer (low; bug #508940)
 	[lenny] - netdisco-mibs-installer <no-dsa> (Contrib not supported)
@@ -1983,7 +1985,8 @@
 	- gstreamer0.10-ffmpeg 0.10.3-2
 	[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present)
 CVE-2008-4865 (Untrusted search path vulnerability in valgrind allows local users to ...)
-	- valgrind 1:3.3.1-3 (low; bug #507312)
+	- valgrind 1:3.3.1-3 (unimportant; bug #507312)
+        NOTE: That's hardly an issue
 CVE-2008-4864 (Multiple integer overflows in imageop.c in the imageop module in ...)
 	- python2.5 2.5.2-12 (bug #504619)
 	- python2.4 2.4.5-6 (bug #504620)

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2008-12-28 21:14:10 UTC (rev 10819)
+++ data/spu-candidates.txt	2008-12-29 02:16:51 UTC (rev 10820)
@@ -191,8 +191,8 @@
 
 --
 
-gpsdrive
-#496436
+gpsdrive (CVE-2008-5704, CVE-2008-5703, CVE-2008-5380)
+#496436, #508597, #508595
 notified maintainer
 
 --

More information about the Secure-testing-commits mailing list