[Secure-testing-commits] r8084 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Tue Feb 5 21:14:21 UTC 2008 

Author: joeyh
Date: 2008-02-05 21:14:20 +0000 (Tue, 05 Feb 2008)
New Revision: 8084

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-02-05 20:25:59 UTC (rev 8083)
+++ data/CVE/list	2008-02-05 21:14:20 UTC (rev 8084)
@@ -598,6 +598,7 @@
 CVE-2008-0253 (SQL injection vulnerability in full_text.php in Binn SBuilder allows ...)
 	NOT-FOR-US: Binn SBuilder
 CVE-2008-0252 (Directory traversal vulnerability in the _get_file_path function in ...)
+	{DSA-1481-1}
 	- python-cherrypy 2.2.1-3.1 (low; bug #461069)
 CVE-2008-0251 (Unrestricted file upload vulnerability in PhotoPost vBGallery before ...)
 	NOT-FOR-US: PhotoPost vBGallery
@@ -4900,7 +4901,7 @@
 CVE-2007-5394
 	RESERVED
 CVE-2007-5393 (Heap-based buffer overflow in the CCITTFaxStream::lookChar method in ...)
-	{DSA-1408-1 DTSA-85-1 DTSA-86-1}
+	{DSA-1480-1 DSA-1408-1 DTSA-85-1 DTSA-86-1}
 	- poppler 0.6.2-1 (medium; bug #450628)
 	- kdegraphics 4:3.5.8-2 (medium; bug #450630)
 	- xpdf 3.02-1.3 (medium; bug #450629)
@@ -4917,7 +4918,7 @@
 	- libextractor 0.5.12-1
 	NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
 CVE-2007-5392 (Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in ...)
-	{DTSA-85-1 DTSA-86-1}
+	{DSA-1480-1 DTSA-85-1 DTSA-86-1}
 	- poppler 0.6.2-1 (medium; bug #450628)
 	- kdegraphics 4:3.5.8-2 (medium; bug #450630)
 	[etch] - kdegraphics <not-affected> (Vulnerable code not used)  
@@ -7681,7 +7682,7 @@
 CVE-2007-4353 (Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in ...)
 	NOT-FOR-US: AIX
 CVE-2007-4352 (Array index error in the DCTStream::readProgressiveDataUnit method in ...)
-	{DTSA-85-1 DTSA-86-1}
+	{DSA-1480-1 DTSA-85-1 DTSA-86-1}
 	- poppler 0.6.2-1 (medium; bug #450628)
 	- kdegraphics 4:3.5.8-2 (medium; bug #450630)
 	[etch] - kdegraphics <not-affected> (Vulnerable code not used)  
@@ -11388,6 +11389,7 @@
 CVE-2007-2809 (Buffer overflow in the transfer manager in Opera before 9.21 for ...)
 	NOT-FOR-US: Opera
 CVE-2007-2808 (Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb ...)
+	{DSA-1486-1}
 	- gnatsweb 4.00-1.1 (low; bug #427156)
 CVE-2007-2807 (Stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop ...)
 	{DSA-1448-1}

More information about the Secure-testing-commits mailing list