[Secure-testing-commits] r7836 - data/CVE

[luk at alioth.debian.org]

Author: luk
Date: 2008-01-05 10:56:56 +0000 (Sat, 05 Jan 2008)
New Revision: 7836

Modified:
   data/CVE/list
Log:
Be consistent for issues fixed in proposed-updates.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-01-05 09:14:10 UTC (rev 7835)
+++ data/CVE/list	2008-01-05 10:56:56 UTC (rev 7836)
@@ -491,7 +491,6 @@
 	[etch] - venkman <not-affected> (Vulnerable code not present)
 CVE-2007-XXXX [unace unspecified security issue related to uninitialized variable]
 	- unace-nonfree 2.5-3
-	[sarge] - unace-nonfree <no-dsa> (non-free not supported)
 	[etch] - unace-nonfree <no-dsa> (non-free not supported)
 	TODO: r3 release:	[etch] - unace-nonfree 2.5-1etch1
 CVE-2007-6507 (SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, ...)
@@ -1248,7 +1247,7 @@
 	[etch] - sing <no-dsa> (Only exploitable in inherently broken setups)
 	[sarge] - sing <no-dsa> (Only exploitable in inherently broken setups)
 	TODO: r3	[etch] - sing 1.1-13etch1
-	TODO: r3	[sarge] - sing 1.1-9sarge1
+	TODO: r8	[sarge] - sing 1.1-9sarge1
 CVE-2007-6209 (Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary ...)
 	- zsh 4.3.4-dev-3-2 (low; bug #454073)
 	[etch] - zsh <no-dsa> (Minor issue)
@@ -15336,8 +15335,9 @@
 	[sarge]	- rar <no-dsa> (Non-free)
 	[etch] - rar <no-dsa> (Non-free)
 	- unrar-nonfree 1:3.7.3-1 (high; bug #410580)
-	[sarge]	- unrar-nonfree 1:3.5.2-0.2
+	[sarge]	- unrar-nonfree <no-dsa> (Non-free not supported)
 	[etch] - unrar-nonfree <no-dsa> (Non-free not supported)
+	TODO: r8 release        [sarge] - unrar-nonfree 1:3.5.2-0.2
 	TODO: r3 release	[etch] - unrar-nonfree 1:3.5.4-1.1
 	NOTE: amavid-new automatically uses "rar -p-" or "unrar -p-",
 	NOTE: which probably turns this into remote code execution