[Secure-testing-commits] r9439 - data/CVE
dannf at alioth.debian.org
dannf at alioth.debian.org
Sun Jul 27 23:11:44 UTC 2008
Author: dannf
Date: 2008-07-27 23:11:42 +0000 (Sun, 27 Jul 2008)
New Revision: 9439
Modified:
data/CVE/list
Log:
fixes in linux-2.6.24_2.6.24-6~etchnhalf.4
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-07-27 22:34:33 UTC (rev 9438)
+++ data/CVE/list 2008-07-27 23:11:42 UTC (rev 9439)
@@ -865,7 +865,7 @@
NOTE: missing api features from the version of libc-client in etch.
CVE-2008-2826 (Integer overflow in the sctp_getsockopt_local_addrs_old function in ...)
- linux-2.6 2.6.25-6
- - linux-2.6.24 <unfixed>
+ - linux-2.6.24 2.6.24-6~etchnhalf.4
NOTE: 735ce972fbc8a65fb17788debd7bbe7b4383cc62, present in 2.6.25.9
CVE-2008-2825 (Cross-site scripting (XSS) vulnerability in the embedded Web Server in ...)
NOT-FOR-US: Xerox WorkCentre
@@ -895,7 +895,7 @@
NOT-FOR-US: WallCity-Server
CVE-2008-2812 (The Linux kernel before 2.6.25.10 does not properly perform tty ...)
- linux-2.6 2.6.25-7
- - linux-2.6.24 <unfixed>
+ - linux-2.6.24 2.6.24-6~etchnhalf.4
CVE-2008-2811 (The block reflow implementation in Mozilla Firefox before 2.0.0.15, ...)
{DSA-1615-1 DSA-1607-1}
- iceweasel 3.0
@@ -1086,7 +1086,7 @@
CVE-2008-2750 (The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux ...)
- linux-2.6 2.6.26
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.23)
- [etch] - linux-2.6.24 <unfixed>
+ [etch] - linux-2.6.24 2.6.24-6~etchnhalf.4
NOTE: 6b6707a50c7598a83820077393f8823ab791abf8
CVE-2008-2749 (Unspecified vulnerability in cshttpd in Sun Java System Calendar ...)
NOT-FOR-US: Sun Java System Application Server
@@ -1897,7 +1897,7 @@
CVE-2008-2372 (The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users ...)
- linux-2.6 2.6.26
[etch] - linux-2.6 <not-affected> (Introduced between 2.6.23 and 2.6.24)
- - linux-2.6.24 <unfixed>
+ - linux-2.6.24 2.6.24-6~etchnhalf.4
NOTE: IMO this is a lack of optimisation, not a security issue? - jmm
NOTE: 89f5b7da2a6bad2e84670422ab8192382a5aeb9f
CVE-2008-2371 (Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible ...)
@@ -6028,7 +6028,7 @@
[etch] - php4 <not-affected> (Vulnerable code not yet present)
CVE-2008-0598 (Unspecified vulnerability in the 32-bit and 64-bit emulation in the ...)
- linux-2.6 <unfixed> (bug #490910)
- - linux-2.6.24 <unfixed>
+ - linux-2.6.24 2.6.24-6~etchnhalf.4
CVE-2008-0597 (Use-after-free vulnerability in CUPS before 1.1.22, and possibly other ...)
- cups 1.2
- cupsys 1.2
@@ -8398,7 +8398,7 @@
- bind9 <not-affected> (On Debian this file is rw for user bind and just readable for group bind)
CVE-2007-6282 (The IPsec implementation in Linux kernel before 2.6.25 allows remote ...)
- linux-2.6 2.6.25-1
- - linux-2.6.24 <unfixed>
+ - linux-2.6.24 2.6.24-6~etchnhalf.4
NOTE: Upstream commit 920fc941a9617f95ccb283037fe6f8a38d95bb69
CVE-2007-6281 (Heap-based buffer overflow in Open File Manager service (ofmnt.exe) in ...)
NOT-FOR-US: St. Bernard Open File Manager
More information about the Secure-testing-commits
mailing list