[Secure-testing-commits] r8007 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Mon Jan 21 21:14:12 UTC 2008 

Author: joeyh
Date: 2008-01-21 21:14:11 +0000 (Mon, 21 Jan 2008)
New Revision: 8007

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-01-21 19:49:37 UTC (rev 8006)
+++ data/CVE/list	2008-01-21 21:14:11 UTC (rev 8007)
@@ -288,7 +288,7 @@
 	- mysql-dfsg-4.1 <removed>
 	- mysql-dfsg-5.0 <unfixed> (medium; bug #460873)
 CVE-2008-0225 (Heap-based buffer overflow in the rmff_dump_cont function in ...)
-	{DTSA-109-1}
+	{DSA-1472-1 DTSA-109-1}
 	- xine-lib <unfixed> (medium; bug #460551)
 CVE-2008-0224 (SQL injection vulnerability in index.php in the Newbb_plus 0.92 and ...)
 	NOT-FOR-US: RunCMS
@@ -2338,6 +2338,7 @@
 CVE-2007-6019
 	RESERVED
 CVE-2007-6018 (IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde ...)
+	{DSA-1470-1}
 	- horde3 3.1.6-1 (bug #461131; low)
 	- imp4 <not-affected> (xss.php is only present in horde3 package)
 CVE-2007-6017
@@ -7923,6 +7924,7 @@
 CVE-2007-4067 (Absolute path traversal vulnerability in the clInetSuiteX6.clWebDav ...)
 	NOT-FOR-US: Clever Internet ActiveX Suite
 CVE-2007-4066 (Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow ...)
+	{DSA-1471-1}
 	- libvorbis 1.2.0.dfsg-1
 	NOTE: svn revisionsions fixing this: https://bugzilla.redhat.com/show_bug.cgi?id=249780
 CVE-2007-4065 (lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 ...)
@@ -8012,6 +8014,7 @@
 CVE-2007-4030
 	RESERVED
 CVE-2007-4029 (libvorbis 1.1.2, and possibly other versions before 1.2.0, allows ...)
+	{DSA-1471-1}
 	- libvorbis 1.2.0.dfsg-1 (medium)
 	[etch] - libvorbis <unfixed> (bug #437916; medium)
 	[sarge] - libvorbis <unfixed> (bug #437916; medium)
@@ -10287,6 +10290,7 @@
 	NOTE: This is fixed by 9a08e732533b940d2d31f4e9999dfee5e1ca3914
 	NOTE: in Linus' tree.
 CVE-2007-3106 (lib/info.c in libvorbis 1.1.2, and possibly other versions before ...)
+	{DSA-1471-1}
 	- libvorbis 1.2.0.dfsg-1 (medium)
 CVE-2007-3105 (Stack-based buffer overflow in the random number generator (RNG) ...)
 	{DSA-1363-1}

More information about the Secure-testing-commits mailing list