[Secure-testing-commits] r9396 - in data: CVE DSA

[nion at alioth.debian.org]

Author: nion
Date: 2008-07-22 22:31:56 +0000 (Tue, 22 Jul 2008)
New Revision: 9396

Modified:
   data/CVE/list
   data/DSA/list
Log:
fix inconsistensies reported by francesco
TODO: check if ruby in unstable fixes additional CVE ids


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-07-22 18:09:24 UTC (rev 9395)
+++ data/CVE/list	2008-07-22 22:31:56 UTC (rev 9396)
@@ -1865,7 +1865,7 @@
 CVE-2008-2376 (Integer overflow in the rb_ary_fill function in array.c in Ruby before ...)
 	{DSA-1612-1}
 	- ruby1.9 <unfixed>
-	- ruby1.8 <unfixed>
+	- ruby1.8 1.8.7.22-2
 	NOTE: http://www.openwall.com/lists/oss-security/2008/07/02/3
 CVE-2008-2375 (Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on ...)
 	- vsftpd <not-affected> (debian versions all include the fix)
@@ -34695,7 +34695,6 @@
 CVE-2006-2663 (Multiple cross-site scripting (XSS) vulnerabilities in iFlance 1.1 ...)
 	NOT-FOR-US: iFlance
 CVE-2006-2662 (VMware Server before RC1 does not clear user credentials from memory ...)
-	{DSA-1612-1}
 	NOT-FOR-US: VMware Server
 CVE-2006-2661 (ftutil.c in Freetype before 2.2 allows remote attackers to cause a ...)
 	{DSA-1095-1}

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2008-07-22 18:09:24 UTC (rev 9395)
+++ data/DSA/list	2008-07-22 22:31:56 UTC (rev 9396)
@@ -2,7 +2,7 @@
 	{CVE-2007-2445 CVE-2007-3476 CVE-2007-3477 CVE-2007-3996}
 	[etch] - libgd2 2.0.33-5.2etch1
 [21 Jul 2008] DSA-1612-1 ruby1.8 - several vulnerabilities
-	{CVE-2006-2662 CVE-2008-2376 CVE-2008-2662 CVE-2008-2663 CVE-2008-2664 CVE-2008-2725 CVE-2008-2726}
+	{CVE-2008-2662 CVE-2008-2376 CVE-2008-2662 CVE-2008-2663 CVE-2008-2664 CVE-2008-2725 CVE-2008-2726}
 	[etch] - ruby1.8 1.8.5-4etch2
 [16 Jul 2008] DSA-1611-1 afuse - privilege escalation
 	{CVE-2008-2232}