[Secure-testing-commits] r9303 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Fri Jul 11 10:09:45 UTC 2008
Author: jmm-guest
Date: 2008-07-11 10:09:44 +0000 (Fri, 11 Jul 2008)
New Revision: 9303
Modified:
data/CVE/list
Log:
new kernel issues
updates on firefox3
ffmpeg source package renamed (right now only for one entry)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-07-11 10:02:25 UTC (rev 9302)
+++ data/CVE/list 2008-07-11 10:09:44 UTC (rev 9303)
@@ -82,6 +82,8 @@
NOT-FOR-US: Opera
CVE-2008-3077 (arch/x86/kernel/ptrace.c in the Linux kernel before 2.6.25.10 on the ...)
- linux-2.6 <unfixed>
+ - linux-2.6.24 <unfixed>
+ NOTE: 1e9a615bfce7996ea4d815d45d364b47ac6a74e8
CVE-2008-3076
RESERVED
CVE-2008-3075
@@ -99,7 +101,7 @@
CVE-2008-3069 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB before ...)
NOT-FOR-US: MyBB
CVE-2008-XXXX [ffmpeg STR demuxer buffer overflow]
- - ffmpeg-free <unfixed> (bug #489965; low)
+ - ffmpeg-debian <unfixed> (bug #489965; low)
NOTE: http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=13993
NOTE: CVE id requested
TODO: Check the various embedders in Etch, horray for librification in Lenny
@@ -335,7 +337,8 @@
CVE-2008-2945 (Sun Java System Access Manager 6.3 through 7.1 and Sun Java System ...)
NOT-FOR-US: Sun Java System Access Manager
CVE-2008-2944 (Double free vulnerability in the utrace support in the Linux kernel, ...)
- TODO: check
+ - linux-2.6 <unfixed>
+ - linux-2.6.24 <unfixed>
CVE-2008-2943 (Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 ...)
NOT-FOR-US: IBM Tivoli Directory Server
CVE-2008-2941
@@ -359,7 +362,8 @@
CVE-2008-2932
RESERVED
CVE-2008-2931 (The do_change_type function in fs/namespace.c in the Linux kernel ...)
- TODO: check
+ - linux-2.6 2.6.22
+ NOTE: ee6f958291e2a768fd727e7a67badfff0b67711a
CVE-2008-2930
RESERVED
CVE-2008-2929
@@ -409,7 +413,8 @@
CVE-2008-2906 (SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 ...)
NOT-FOR-US: WebChamado
CVE-2008-2905 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Mambo
+ TODO: File a removal request for the outdated versions once uploaded to experimental
CVE-2008-2904 (SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows ...)
NOT-FOR-US: Conkurent PHPMyCart
CVE-2008-2903 (SQL injection vulnerability in news.php in Advanced Webhost Billing ...)
@@ -646,7 +651,8 @@
CVE-2008-2813 (Directory traversal vulnerability in index.php in WallCity-Server ...)
NOT-FOR-US: WallCity-Server
CVE-2008-2812 (The Linux kernel before 2.6.25.10 does not properly perform tty ...)
- TODO: check
+ - linux-2.6 <unfixed>
+ - linux-2.6.24 <unfixed>
CVE-2008-2811 (The block reflow implementation in Mozilla Firefox before 2.0.0.15, ...)
- iceweasel 3.0
NOTE: Firefox 3 not affected
@@ -662,13 +668,11 @@
- iceape 1.1.10-1
- xulrunner <unfixed>
CVE-2008-2808 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not ...)
- - iceweasel <unfixed>
- TODO: Check Firefox 3 status
+ - iceweasel 3.0
- iceape 1.1.10-1
- xulrunner <unfixed>
CVE-2008-2807 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not ...)
- - iceweasel <unfixed>
- TODO: Check Firefox 3 status
+ - iceweasel 3.0
- iceape 1.1.10-1
- xulrunner <unfixed>
CVE-2008-2806 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS ...)
More information about the Secure-testing-commits
mailing list