[Secure-testing-commits] r7949 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Thu Jan 17 00:13:16 UTC 2008 

Author: nion
Date: 2008-01-17 00:13:15 +0000 (Thu, 17 Jan 2008)
New Revision: 7949

Modified:
   data/CVE/list
Log:
cveified vlc and python-paramiko

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-01-16 23:12:00 UTC (rev 7948)
+++ data/CVE/list	2008-01-17 00:13:15 UTC (rev 7949)
@@ -107,7 +107,7 @@
 CVE-2008-0238 (Multiple heap-based buffer overflows in the rmff_dump_cont function in ...)
 	{DTSA-109-1}
 	- xine-lib <unfixed> (medium; bug #460551)
-CVE-2008-XXXX [insecure use of RandomPool]
+CVE-2008-0299 [insecure use of RandomPool]
 	- python-paramiko <unfixed> (medium; bug #460706)
 	NOTE: http://www.lag.net/pipermail/paramiko/2008-January/000599.html
 CVE-2008-0237 (The Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 ...)
@@ -812,19 +812,19 @@
 	NOT-FOR-US: Blakord Portal
 CVE-2007-6611 (Cross-site scripting (XSS) vulnerability in view.php in Mantis before ...)
 	- mantis 1.0.8-4 (low; bug #458377)
-CVE-2007-XXXX [vlc arbitrary file overwrite vulnerability via crafted m3u playlists]
+CVE-2007-6683 [vlc arbitrary file overwrite vulnerability via crafted m3u playlists]
 	- vlc 0.8.6.c-4.1 (medium; bug #458318)
 	[lenny] - vlc 0.8.6.c-4.1~lenny1
 	NOTE: see https://trac.videolan.org/vlc/ticket/1371
-CVE-2007-XXXX [vlc format string vulnerability in built-in web-server]
+CVE-2007-6682 [vlc format string vulnerability in built-in web-server]
 	- vlc 0.8.6.c-4.1 (medium; bug #458318)
 	[lenny] - vlc 0.8.6.c-4.1~lenny1
 	NOTE: see http://www.securityfocus.com/archive/1/485488/30/0/threaded
-CVE-2007-XXXX [vlc buffer overflow in subtitle handling]
+CVE-2007-6681 [vlc buffer overflow in subtitle handling]
 	- vlc 0.8.6.c-4.1 (low; bug #458318)
 	[lenny] - vlc 0.8.6.c-4.1~lenny1
 	NOTE: see http://www.securityfocus.com/archive/1/485488/30/0/threaded
-CVE-2007-XXXX [vlc remote denial of service in rtsp module]
+CVE-2007-6684 [vlc remote denial of service in rtsp module]
 	- vlc 0.8.6.c-4.1 (unimportant; bug #458318)
 	[lenny] - vlc 0.8.6.c-4.1~lenny1
 	NOTE: That's hardly a security problem, just a bug

More information about the Secure-testing-commits mailing list