[Secure-testing-commits] r7908 - data/CVE

joeyh at alioth.debian.org
Sun Jan 13 21:14:13 UTC 2008


Author: joeyh
Date: 2008-01-13 21:14:12 +0000 (Sun, 13 Jan 2008)
New Revision: 7908

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-01-13 18:43:36 UTC (rev 7907)
+++ data/CVE/list	2008-01-13 21:14:12 UTC (rev 7908)
@@ -164,6 +164,7 @@
 	NOT-FOR-US: ONEdotOH Simple File
 CVE-2008-0173 [SQL injection in gforge]
 	RESERVED
+	{DSA-1459-1}
 	- gforge 4.6.99+svn6330-1 (unimportant)
 	NOTE: this is exploitable by unauthenticated users
 	NOTE: Requires register_globals to be On, unsupported in lenny+sid.
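Review bot: On CVE-2008-0173 the new `{DSA-1459-1}` tag sits directly above a package line rated `(unimportant)`, which reads as contradictory next to the NOTE that the issue is exploitable by unauthenticated users. The register_globals NOTE justifies the rating only for lenny+sid. Consider adding a NOTE that states which release the advisory covers and why it is handled differently there, so the `(unimportant)` rating is not read as applying to the release that received the DSA.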
@@ -586,10 +587,12 @@
 CVE-2007-6602 (SQL injection vulnerability in app/models/identity.php in NoseRub ...)
 	NOT-FOR-US: NoseRub
 CVE-2007-6601 (The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, ...)
+	{DSA-1460-1}
 	- postgresql-8.2 8.2.6-1
 	- postgresql-8.1 8.1.11-1
 	NOTE: see http://www.postgresql.org/about/news.905
 CVE-2007-6600 (PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 ...)
+	{DSA-1460-1}
 	- postgresql-8.2 8.2.6-1
 	- postgresql-8.1 8.1.11-1
 	NOTE: see http://www.postgresql.org/about/news.905
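Review bot: The summary of CVE-2007-6600 names the 8.0 and 7.4 branches as affected, but the entry tagged with `{DSA-1460-1}` tracks only `postgresql-8.2` and `postgresql-8.1`. If a source package for one of the older branches is still in a supported release, it needs its own package line (fixed version, `<unfixed>` or `<not-affected>`); otherwise the tracker will show this CVE as fully handled while that package has no status at all.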
@@ -1358,6 +1361,7 @@
 	- autofs5 <unfixed>
 CVE-2007-6284 [infinite loop in libxml2 through crafted UTF-8 sequence]
 	RESERVED
+	{DSA-1461-1}
 	- libxml2 <unfixed> (medium; bug #460292)
 CVE-2007-6283 (Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key ...)
 	- bind9 <not-affected> (On Debian this file is rw for user bind and just readable for group bind)
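Review bot: CVE-2007-6284 gains `{DSA-1461-1}` while its only package line remains `- libxml2 <unfixed> (medium; bug #460292)`, so the entry records an advisory but no fixed version anywhere. That is a valid state, but it should not be left to go stale: when an upload closes bug #460292, replace `<unfixed>` with the fixed version so the entry stops reporting the package as open.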
@@ -1853,6 +1857,7 @@
 CVE-2007-6068
 	RESERVED
 CVE-2007-6067 (Algorithmic complexity vulnerability in the regular expression parser ...)
+	{DSA-1460-1}
 	- postgresql-8.2 8.2.6-1
 	- postgresql-8.1 8.1.11-1
 	NOTE: see http://www.postgresql.org/about/news.905
@@ -4899,7 +4904,7 @@
 CVE-2007-5209 (Stack-based buffer overflow in DriveLock.exe in CenterTools DriveLock ...)
 	NOT-FOR-US: CenterTools
 CVE-2007-5208 (hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) ...)
-	{DTSA-72-1}
+	{DSA-1462-1 DTSA-72-1}
 	- hplip 1.6.10-4.3 (medium; bug #447341)
 	[sarge] - hplip <not-affected> (This code was using smtp directly)
 CVE-2007-5206
@@ -5919,6 +5924,7 @@
 CVE-2007-4773
 	RESERVED
 CVE-2007-4772 (The regular expression parser in TCL before 8.4.17, as used in ...)
+	{DSA-1460-1}
 	- postgresql-8.2 8.2.6-1
 	- postgresql-8.1 8.1.11-1
 	NOTE: see http://www.postgresql.org/about/news.905
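Review bot: CVE-2007-4772 is described as a flaw in the TCL regular expression parser "as used in ...", yet the entry being tagged with `{DSA-1460-1}` lists only `postgresql-8.2` and `postgresql-8.1`. A reader cannot tell from this entry whether the TCL package itself was checked. Add a package line for TCL with its status, or a NOTE saying why only the PostgreSQL copy of the parser is tracked. The same gap applies to CVE-2007-4769 in the following hunk.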
@@ -5927,6 +5933,7 @@
 CVE-2007-4770
 	RESERVED
 CVE-2007-4769 (The regular expression parser in TCL before 8.4.17, as used in ...)
+	{DSA-1460-1}
 	- postgresql-8.2 8.2.6-1
 	- postgresql-8.1 8.1.11-1
 	NOTE: see http://www.postgresql.org/about/news.905
@@ -9508,6 +9515,7 @@
 	- postgresql-8.1 <not-affected> (Neither PL/pgsql nor dblink are enabled by default)
 	- postgresql-8.2 <not-affected> (Neither PL/pgsql nor dblink are enabled by default)
 CVE-2007-3278 (PostgreSQL 8.1 and probably later versions, when local trust ...)
+	{DSA-1460-1}
 	- postgresql-8.1 <not-affected> (local trust authentication is not enabled in Debian)
 	- postgresql-8.2 <not-affected> (local trust authentication is not enabled in Debian)
 CVE-2007-3277 (Unspecified vulnerability in the localization before 1.2 module for ...)
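Review bot: CVE-2007-3278 is tagged `{DSA-1460-1}` although both package lines under it are `<not-affected>` ("local trust authentication is not enabled in Debian"). An advisory reference on an entry where every listed package is marked not affected is inconsistent: either the advisory text lists this CVE and the `<not-affected>` status needs revisiting or a NOTE explaining the mismatch, or the cross-reference was picked up automatically and should be checked against the advisory before it is kept.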



