[Secure-testing-commits] r9312 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Fri Jul 11 18:01:18 UTC 2008
Author: white
Date: 2008-07-11 18:01:16 +0000 (Fri, 11 Jul 2008)
New Revision: 9312
Modified:
data/CVE/list
Log:
stable has gaim, not pidgin; integer overflow present, other minor DoS probably as well
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-07-11 17:17:58 UTC (rev 9311)
+++ data/CVE/list 2008-07-11 18:01:16 UTC (rev 9312)
@@ -562,6 +562,7 @@
- xpdf <not-affected> (Page.cc is not allocating the widget and therefore not vulnerable in the destructor, attrs initialized)
CVE-2008-2927 (Multiple integer overflows in the msn_slplink_process_msg functions in ...)
- pidgin 2.4.3-1
+ - gaim <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=453764
CVE-2008-3137 [GSM SMS dissector in wireshark allows a DoS]
- wireshark 1.0.1-1 (low; bug #488834)
@@ -586,11 +587,14 @@
- openldap2.3 <unfixed> (medium; bug #488710)
CVE-2008-2955 (Pidgin 2.4.1 allows remote attackers to cause a denial of service ...)
- pidgin <unfixed> (low; bug #488632)
+ - gaim <unfixed> (low; bug #488632)
CVE-2008-2956 (Memory leak in Pidgin 2.0.0, and possibly other versions, allows ...)
- pidgin <unfixed> (low; bug #488632)
+ - gaim <unfixed> (low; bug #488632)
NOTE: jabber servers should not forward malformed XML
CVE-2008-2957 (The UPnP functionality in Pidgin 2.0.0, and possibly other versions, ...)
- pidgin <unfixed> (low; bug #488632)
+ - gaim <unfixed> (low; bug #488632)
NOTE: probably only a bandwidth issue
CVE-2008-2942 (Directory traversal vulnerability in patch.py in Mercurial 1.0.1 ...)
- mercurial 1.0.1-2 (low; bug #488628)
More information about the Secure-testing-commits
mailing list