[Secure-testing-commits] r8157 - data/CVE
fw at alioth.debian.org
fw at alioth.debian.org
Thu Feb 14 12:55:21 UTC 2008
Author: fw
Date: 2008-02-14 12:55:11 +0000 (Thu, 14 Feb 2008)
New Revision: 8157
Modified:
data/CVE/list
Log:
CVE-2008-0177: BSD-only IP stack issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-02-14 09:14:18 UTC (rev 8156)
+++ data/CVE/list 2008-02-14 12:55:11 UTC (rev 8157)
@@ -1385,7 +1385,11 @@
CVE-2008-0178 (Cross-site scripting (XSS) vulnerability in the Enterprise Admin ...)
NOT-FOR-US: Liferay Portal
CVE-2008-0177 (The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME ...)
- NOT-FOR-US: KAME
+ - kfreebsd-7 <unfixed>
+ - kfreebsd-6 <unfixed>
+ - kfreebsd-5 <removed>
+ NOTE: Linux kernel code is not affected, the proper check is there
+ NOTE: (somewhat difficult to spot, it happens in the caller).
CVE-2008-0176 (Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI ...)
NOT-FOR-US: GE Fanuc CIMPLICITY
CVE-2008-0175 (Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time ...)
More information about the Secure-testing-commits
mailing list