[Secure-testing-commits] r7872 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Thu Jan 10 22:55:59 UTC 2008
Author: jmm-guest
Date: 2008-01-10 22:55:58 +0000 (Thu, 10 Jan 2008)
New Revision: 7872
Modified:
data/CVE/list
Log:
two inkscape updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-01-10 22:49:21 UTC (rev 7871)
+++ data/CVE/list 2008-01-10 22:55:58 UTC (rev 7872)
@@ -13652,8 +13652,12 @@
NOT-FOR-US: dproxy
CVE-2007-1464 (Format string vulnerability in the whiteboard Jabber protocol in ...)
- inkscape 0.45.1-1 (medium)
+ [etch] - inkscape <not-affected> (Versions prior to 0.45 used loudmouth, which isn't affected)
CVE-2007-1463 (Format string vulnerability in Inkscape before 0.45.1 allows ...)
- inkscape 0.45.1-1 (low)
+ [etch] - inkscape <no-dsa> (Minor issue)
+ [sarge] - inkscape <no-dsa> (Minor issue)
+ NOTE: shell code would be prominently inside the file names
CVE-2007-1462 (The luci server component in conga preserves the password between page ...)
NOT-FOR-US: conga
CVE-2007-1461 (The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP ...)
More information about the Secure-testing-commits
mailing list