[Secure-testing-commits] r9223 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Thu Jul 3 15:29:36 UTC 2008
Author: nion
Date: 2008-07-03 15:29:34 +0000 (Thu, 03 Jul 2008)
New Revision: 9223
Modified:
data/CVE/list
Log:
cveified piding issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-07-03 12:13:33 UTC (rev 9222)
+++ data/CVE/list 2008-07-03 15:29:34 UTC (rev 9223)
@@ -8,11 +8,13 @@
NOTE: http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681
CVE-2008-2952 [remote DoS in openldap]
- openldap2.3 <unfixed> (low; bug #488710)
-CVE-2008-XXXX [several security issues]
+CVE-2008-2955 [denial of service via crafted long file name]
- pidgin 2.4.3-1 (bug #488632)
- NOTE: CVE ids requested by Red Hat
- NOTE: http://marc.info/?l=bugtraq&m=121449329530282&w=4
- NOTE: http://crisp.cs.du.edu/?q=ca2007-1
+CVE-2008-2956 [denial of service via malformed XML documents]
+ - pidgin 2.4.3-1 (low; bug #488632)
+ NOTE: jabber servers should not forward malformed XML
+CVE-2008-2957 [arabitrary file download trigger in piding via UDP pakcet]
+ - pidgin 2.4.3-1 (bug #488632)
CVE-2008-2942 [missing input validation]
- mercurial 1.0.1-2 (low; bug #488628)
[etch] - mercurial <not-affected> (Vulnerable functionality not present)
More information about the Secure-testing-commits
mailing list